Posted on October 15, 2020 by Louise Howland
Encryption is where your data is essentially scrambled to be unreadable and the recipient needs a key to unscramble/decrypt the data to access it. Without the key the information cannot be accessed, protecting it in the event of a cybersecurity breach. Sensitive and private information, like passwords, identity information, bank details can be encrypted to keep it safe. Encryption is an important part of your file protection and information protection strategy and all organisations should ensure they have encryption in place.
From a security perspective it’s easy to understand the logic behind encryption, however the legal implications of not having sufficient encryption is often overlooked by organisations and it is vital they understand why encryption is so important.
GDPR became law on 25/05/2018 and under this law, directors of a business are personally liable (with potential imprisonment) for any cybersecurity or data breaches. The significance of encryption is that if a machine is lost or stolen then the law states that the breach must be reported to the ICO with 72 hours of the loss becoming known. If the machine is encrypted then that is an end to the responsibility, however, if the machine was not encrypted then the loss also must be reported to all of the company’s contacts. Ensuring all laptops and devices in an organisation are encrypted provide protection and limit the consequences of a breach.
For users of Microsoft (Office) 365 multiple layers and kinds of encryption work together to secure your data protecting files on a device and in transit between users. You also need to encrypt your hard-drive, Bitlocker is Microsoft’s free encryption software and available to all Windows Operating Systems (apart from home editions) and will work on any machine with a TPM chip (this will typically exclude budget hardware), it is simple to setup and enable but many machines don’t have it switched on. The most important part of the whole process is making sure that the unique encryption key that is generated as part of the process is securely stored (not on the same machine!) and is accessible to the user if and when they need it. This is not a common occurrence, but if anything untoward happens to the machine, the key will be requested before start-up, without the encryption key the data on the drive is inaccessible (another reason for good back-up hygiene!).
Our totalIT customers can rest assured that any machine with the totalIT agent installed reports back to our Operations Centre on the status of encryption, if any machines are not encrypted this will be reported on as part of the monthly checks. Our Technical Consultants completing regular scheduled visits will discuss encryption (or lack thereof) and a plan implemented to ensure all machines are protected on an ongoing basis.
For more information on encryption or if you are unsure if your devices are protected contact usContact us for encryption advice