Encryption FAQs: Breaking down the building blocks of encryption

Posted by Philip Bindley

What is encryption and how does it work?

Encryption is a fundamental security measure used to safeguard sensitive information.

Almost every business holds or processes some sort of sensitive data or personally identifiable information (PII), and if a cyber criminal attempts to gain access to this, encryption ensures that it remains unidentifiable.

It works by transforming data into an unreadable form whilst it is being transferred and stored. This data can then only be decrypted back into plain text by the intended user, preventing any unauthorised access.


Why do I need to encrypt my data?

It’s important to remember that it is your responsibility to implement the right defences to prevent the data you hold and process from being compromised. Encryption should therefore be one of the first measures outlined in your organisation’s security strategy.

Primarily, data needs to be encrypted in order to protect your customers, employees and suppliers. Customers, staff and third parties trust that their data is kept safe by organisations they associate with, and as a bare minimum they expect adequate measures to be in place to safeguard it from falling into the wrong hands.

Despite encryption being around for decades, many modern data breaches can still be traced back to a lack of encryption, which is massively damaging for the brands affected. Implementing the correct level of encryption therefore also helps to protect your organisation’s reputation and avoid falling victim to non-compliance and any associated fines.


What level of encryption do I need?

There are several levels of encryption that can be deployed depending on the size of your business and the value of the data that you handle.

It’s advisable that you begin at least at disk level and increase this as your business and data sets grow in terms of value. But whether it’s disk, file, database or application level encryption you need, it’s important to select a solution that provides you with the right protection to mitigate the specific threats your business faces.


How flexible is encryption?

Whatever stage your business is at, it’s important that you have an encryption solution which can scale as you grow and evolve.

A good solution will allow you to implement various levels of encryption to meet changing data set demands across a range of platforms. These can be deployed across physical, virtual, cloud, container and big data environments, meaning that no matter how much you grow as a business, the data you’re responsible for remains encrypted.


How does encryption ensure compliance for my organisation?

Industry standards and data protection regulations aren’t there to scaremonger businesses – rather, they ensure that best practice is achieved and, in many cases, that data is protected to the correct level.

If your business hasn’t encrypted its sensitive information, from a compliance point of view this is often clear evidence that you’re not taking data security seriously. This would be true for the likes of GDPR, PCI DSS, ISO27001 and NIST, for example.

Although many industry standards and compliance mandates are open to interpretation, encryption should be thought of as a vital element that shouldn’t be ignored if you want to be in the regulators’ good books.


What is the first thing I should look for when choosing an encryption solution?

When looking for encryption solutions, it’s important to choose one that is underpinned by strong, standards-based encryption protocols such as the Advanced Encryption Standard (AES) or elliptic curve cryptography (ECC) algorithms to ensure a robust level of security. Whether data is stored in physical or virtual environments, your data will be safeguarded.


How easy is it to install encryption solutions across my business?

Encrypting your data shouldn’t cause operations to grind to a halt. Automation is a big feature of many solutions these days, meaning that encryption and access controls can be enabled without requiring changes to infrastructure, systems management tasks or business practices.

Many solutions are both sophisticated and user-friendly, so there’s no longer any excuse.


What is Vormetric Transparent Encryption and how is it delivered through The Bunker?

Vormetric Transparent Encryption is an advanced solution designed by Thales to protect data with file and volume level data-at-rest encryption, strict access controls, and data access audit logging without re-engineering applications or databases.

The robust, scalable and flexible encryption solution is available for Windows, Linux and Unix platforms and can be used across physical, cloud, container and big data environments to offer robust data protection and assist with meeting strict compliance standards.

At The Bunker, we offer this as a service, meaning that you will not only benefit from Vormetric’s advanced capabilities, but we also design a bespoke and cost-effective solution that can flex as your needs change and your business evolves. Our military-grade facilities and the support of our dedicated team also add further layers of security to safeguard your most important assets.

