Data Storage Digest

Do-It-Yourself Windows File Recovery Software: A Comparison

results »

Debunking Encryption Myths

It is extremely important that the data you store in archive is protected. Not just protected against something like a natural disaster, but against things like malicious users accessing the data without permission. Imagine if you had an external hard drive full of private business documents and it got stolen. Disaster, right? The disaster can be softened slightly by ensuring that your data is strongly encrypted. Encrypting your data is like locking your belongings away in a safe. However, there are some myths that surround encryption, so let’s take a look at some of them at get debunking.

Encrypted data is automatically secure

Encrypting your data makes it harder to access, but simply encrypting your data doesn’t automatically make it one hundred percent secure. The keys that unlock your data also need to be managed properly. Don’t store your encryption key on the server that the data resides on. Only those who truly need to know the key should have access to it. Otherwise your data is like a safe that has the passcode written on a scrap of paper next to it.

Encryption in the cloud is not secure

It’s true that storing your data in the cloud inherently opens you up to more vulnerabilities than storing completely offline would, but it’s the encryption that actually introduces proper security to the cloud. Although many cloud services offer encryption as a feature, it’s important to look at what they actually mean by this. Encrypting the data on the server isn’t the best solution if the provider is in charge of the key to unlock it – that means they could, theoretically, access it. The most secure cloud encryption would be to encrypt it client-side before it’s sent, then encrypted again at rest with only the user knowing the key.

Encryption is too difficult to use

Actually, encryption is pretty simple. There are loads of tools that are available online (some of them free) that will help encrypt your data. You can select a program that will give you the best performance for your needs, be they personal or business. If there is an IT team in place then they should be more than capable of setting up encryption on storage.

Encryption damages performance

Encryption can affect performance, especially in databases, but in varies on the application. For example, encrypting at a file level doesn’t have as much impact as it would at an application level. In fact, if you just want encryption on archives then performance considerations shouldn’t really come into it.

SSL already handles encryption

SSL encrypts data while it is being moved, but it doesn’t encrypt when it’s at rest (inactive). Data should be encrypted no matter how long you plan to store it; a malicious user could attack at any time and it’s better to be safe than sorry.

Encryption is only needed for compliance

There are some enterprises that will have to encrypt their data due to industry requirements or government legislations. But the fact of the matter is that everyone should encrypt data, especially if it contains personal and private information. For example, if customer information that wasn’t encrypted gets leaked then the excuse it wasn’t a legal requirement isn’t going to solve anything.

Comments

No comments yet. Sign in to add the first!