In the 2015 Cyberthreat Defense Report, more than 70% of businesses experienced a successful cyber attack in the past 12 months.
When company data is not properly protected through encryption, it runs the risk of exposure. Below, we break down what network encryption is and how it applies to business security systems, such as video surveillance, access control and monitored alarms.
Why You Need Network Encryption
Employees can compromise your company’s security by leaving devices unlocked or unattended, using public Wi-Fi or surfing the web. These practices all introduce vulnerabilities in networks or devices that hackers can capitalize on to access company data. One way to lessen these risks is to properly secure data via network encryption.
When you encrypt your company’s sensitive information, you are encoding the data to make it unreadable to outside parties. This makes it more difficult for unauthorized individuals to access messages, files or information exchanged through your network.
There are many ways that data can be protected with encryption. In general, it is important to consider whether you need encryption for information “at rest” (while stored) and/or “in transit” (while being accessed or sent across a connection). It is also worth noting that multiple forms of encryption are often required. For example, encrypting files on your hard drives may not eliminate the need for encrypting the connections your customers or employees make via the web or VPN services.
Best Practices to Enhance Security
Before encrypting your company’s sensitive data, follow the best practices below:
- Conduct a cyber threat assessment to determine what data needs to be encrypted. This helps you understand the scope of the project and may dictate the technology and deployment approach required to meet your needs. Consider too any compliance requirements (e.g. PCI, HIPAA, etc.) that require data to be safeguarded.
- Ensure proper key management. The integrity of an encryption program requires protection of the secret keys that are used to encode data. Back up and securely store encryption keys in a centralized location and only provide access to those who absolutely need them.
- Select a service that provides a high-level of data protection. There are many forms of encryption available. Be sure that you receive expert guidance about what is appropriate for your needs. Also ensure that you are implementing in accordance with best practices – including the use of strong keys. For example, services that have 256 bit key length are considered to be high-quality and “gold standard.”
- Encourage IT and security vendor collaboration to ensure proper setup.
What best practices does your company utilize when encrypting sensitive data? Share with us in the comments below.