Using Encryption to Protect Data 1
|Previous||1 of 2||Next|
small (250x250 max)
medium (500x500 max)
large ( > 500x500)
State of Oklahoma Monthly Security Tips NEWSLETTER September 2012 Volume 7, Issue 9 Using Encryption to Protect Data From the Desk of CPT Jeff Elliott, Oklahoma Office of Homeland Security According to the Privacy Rights Clearinghouse, more than 19 million records have been involved in a data breach so far this year. Protection of data requires multiple layers of defense, and the use of encryption to secure sensitive data is a critical tool in this multi-layered approach. Encryption scrambles a message or file so only the sender and the authorized individual with the decryption key can decode it. Encryption solutions generally encompass two types: hardware and software. Examples of hardware encryption include a pre-encrypted USB device or hard drive; software encryption consists of a program installed on a machine that encrypts some or all of the data on the system. The list below includes guidance for how, when and where encryption should be implemented in order to enhance security and data protection: • Laptop protection - Theft of laptops can result in unsecured information being used by a third party to gain access to bank accounts, mobile phones, internal networks, and other sensitive information. A stolen company laptop can become a security risk if it contains confidential information or passwords for a closed network. Enabling laptop encryption is a recommended way to reduce these risks, while ensuring that information cannot be easily retrieved. Laptops can be encrypted in various ways: encrypting specific directories and files or encrypting the entire hard drive (full disk encryption). Some analysts recommend using both forms of encryption on the same laptop as that is more secure than either method on its own. In the Windows 7 version of the Microsoft Operating System, the operating system contains BitLocker, also known as Whole Drive encryption, as one of its features. Minimally, file level encryption should be implemented; full disk encryption is a best practice. • Wireless networks – The first line of defense for a Wi-Fi network is encryption, which encodes the data transmitted between your electronic device and the wireless access point. Unfortunately, most wireless access points ship with encryption turned off, and many owners of the wireless access points don't turn it on, leaving users completely exposed. If you haven't already, enable your wireless access point's encryption, and use the strongest form supported by your network. The Wireless Protected Access (WPA) protocol and more recent WPA2 have supplanted the older and less-secure Wireless Encryption Protocol (WEP). It is highly recommended that your network support WPA2. Both WPA and WEP are considered to be significantly weaker, as the algorithms for those have been cracked. • Email – It is important to realize that email and IM messages pass through numerous servers and routers before reaching their final destination. Standard email messages are sent in plain text, so it's possible for someone else to snoop and read them. When you encrypt mail, on the other hand, it makes the messages completely unreadable to anyone who doesn't possess a decryption key. There are several ways to encrypt email. The simplest way is to use extra software that plugs into your existing email client. Confidential or sensitive data should not be sent via email in clear text. • Backup tapes and media – Organizations regularly deploy backups on media that are then stored at an outside facility. These backups should be encrypted to prevent unauthorized access in the event of a physical breach.
|Okla State Agency||
Homeland Security, Oklahoma Office of
|Okla Agency Code||'HOM'|
|Title||State of Oklahoma monthly security tips newsletter, 09/2012, v. 7 no. 9|
Oklahoma. Office of Homeland Security.
|Purpose||Using Encryption to Protect Data, Jeff Elliott|
|For all issues click||H2540.6 C994|
|Digital Format||PDF Adobe Reader required|
|ODL electronic copy||Downloaded from agency website: http://www.ok.gov/homeland/documents/Using%20Encryption%20to%20Protect%20Data.pdf|
|Rights and Permissions||This Oklahoma State Government publication is provided for educational purposes under US copyright law. Other usage requires permission of copyright holders.|