Encryption: What's in a name?

Cyber security is a hot topic at the moment, with many advanced attacks taking place in the last couple of years. Numerous local and international enterprises have been targeted and severely affected by cyber attacks, including data breaches, customer leaks, distributed denial of service (DDoS) and impersonation attacks.

There are many defence strategies and services on offer to safeguard against an array of cyber threats. However, one of the latest buzzwords in this field is encryption. Most people have a basic understanding of what encryption entails and why it’s a good form of protection, but how can large enterprises and small businesses benefit from advanced encryption?

What does encryption really mean?

Encryption is a process of scrambling data so that it is only recognised by the sender and receiver. It was used extensively during World War 2 to pass messages and orders to front-line troops. If these coded messages were intercepted, they’d be unrecognisable to the enemy. The process remains the same in digital terms.

Data encryption encodes plain text into cyphertext that is only accessible and understandable by users with the right cryptographic key. It converts readable data into a scrambled jumble of numbers and letters that can only be decoded by authorised users. WhatsApp and numerous other messaging services make use of end-to-end encryption to improve user privacy.

This is a basic form of encryption that scrambles data at one end device and decodes it at the other end device. Only the intended recipient can decrypt the data, so any intercepting person or software will not be able to make sense of the data.

When it comes to business, encryption has the same benefits. It’s critical to privacy protection and keeps sensitive information out of the hands of hackers, scammers and malware. It ensures that businesses protect their critical data and the personal information of their customers too.

Two types of encryption

There are two basic forms of encryption that have particular advantages and purposes:

Symmetric encryption - Here, the same key (decipher code) is used for encryption and decryption. This key is securely transferred between the sender and the receiver. It’s fast and efficient, but also an older form of security that could still be hacked.

Asymmetric encryption - Here, a different key is used for encryption and decryption. A private key is kept by the sender and a public key is shared with the authorised receiver or made available to the general public. Data encrypted with the public key can only be decrypted with the corresponding private key, which prevents unlawful access to the information by unauthorised users. Since there are two keys needed, this method is more secure.

Encryption in transit vs encryption at rest

There are two types of data that can be encrypted; data in transit (or in motion) and data at rest. Data in transit is most likely to be used day to day in a business. It’s stored on a database, whether on the cloud or on-premise, and is accessed through applications and computer programmes. It is sent and received, hence the name “in transit”. Data at rest is stored and protected by a firewall or software.

Both types of data can be encrypted. Think of it like putting data in transit into an armoured car as it travels, whereas data at rest is stored in a steel vault. The encryption adds an additional layer of security to business data. For encryption in transit, the data is scrambled before transmission, the devices are authenticated and the data is decrypted on arrival. For encryption at rest, the stored data is scrambled and left in this state until it is needed.

Enterprises will need to ensure that they utilise encryption for both forms of data. If customer records, bank accounts and personally identifiable information are stored on servers, then encryption at rest will be needed. If employees are constantly accessing and updating business records and supplier data, then encryption in transit should be used.

Best practices for added protection

Unencrypted data, whether in transit or at rest, is vulnerable to exposure. In addition to encryption, there are a number of best practices for data protection that IT teams should implement:

• Set up advanced network security controls, including firewalls, zero-trust access control, anti-malware and multifactor authentication.
• Take a proactive approach to data security by identifying at-risk information and implementing the required encryption or protection solutions.
• Choose data protection solutions from reputable suppliers, such as SEACOM Business, that can offer secure policies that enable user blocking and automatic encryption.
• Create internal policies for systematically classifying all business data, no matter where it’s stored or transferred to.
• Implement automatic backup and recovery of lost or stolen data.

SEACOM Business offers companies in South Africa a range of cloud and cyber security solutions. These include advanced encryption of data on business networks, whether based on SD-WAN or SASE. For more information or to get a quote for our network architecture services that include encryption, email us at marketing@seacom.com or leave us a message.

SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.

SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.

For‌ ‌more‌ ‌information‌ ‌on‌ our internet and voice solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌insightful‌ ‌articles‌ and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.

Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.