Encrypted data can make the difference between limited loss or inconvenience and major exposure to subsequent fraud and reputational damage for your Los Angeles distribution company.
Suppose an employee loses a laptop containing confidential company data. Alternatively, someone mixes up email addresses and sends a file attachment with payment information to the wrong recipient. Or hackers manage to break into your servers.
What would you do?
Encryption Standards and “Crackability”
Encrypted data uses a key or sequence of numbers to scramble an electronic message or file. A key is then used to unscramble the data and make it usable again.
Today’s computers have the power to do this rapidly, even with very large keys. On the other hand, the larger the key, the more difficult it is for anyone without the key to decode the data. That is why encryption can be so effective in protecting data.
The Need for Data in Motion and Data at Rest Encryption
For effective protection, your confidential data needs to be protected both when it is sitting in your data center and when it is being moved around.
To ensure the proper data at rest encryption (DARE), you need to know where the data is. Locations could include servers inside your company premises, user devices, network storage devices, and public cloud storage.
Your data encryption policy should be regularly reviewed to see which new data needs to be encrypted and which older data may no longer need this level of protection.
Data in motion is often protected by a standard protocol like SSL, in which sender and receiver understand each other, but the data in transit becomes unintelligible to anyone trying to listen in.
Who Holds the Key?
If encrypted data is vital for distributors, then being able to recover the decrypted data is as well. If the key is lost, effectively so is the data. Some cloud service providers offer data encryption as part of their solutions and manage the key for the customer too.
As a customer, that protects you against loss of the key, but it also means that somebody else can read your information. In the wake of government snooping scandals and agencies pressuring providers to hand over those keys, private encryption solutions have become more popular.
In that case, you as the customer are responsible for keeping your own encryption key safe. And if you lose it, no one can help you.
When encryption is correctly used, it not only protects your company against data theft, but it can also help ensure regulatory compliance. Full-disk encryption of user PCs automatically protects all of the data on the disk without needing manual intervention by the user. That includes temporary files and PC start-up, further protecting the PC from any unauthorized access.
If a laptop protected by full-disk encryption goes astray, you can still avoid fines, lawsuits, or adverse publicity, and limit loss to the replacement cost of the laptop itself.
As a final note, however, make sure that regular, secure data backups are made. If the PC disk drive malfunctions for example, you’ll need those backups to start work again.
Is encrypted data standard practice for your distribution company? Tell us about it in the space below for Comments.
To follow up on the tips in this article, download your free guide, How COOs at Los Angeles Distributors and Manufacturers Get More Done: A Guide to Productivity, Data, Staffing, Delegation, and Making It Home for Dinner Most Nights.