
Protect your data - encrypt it!

Published: Sunday | December 21, 2014 | 12:00 AM

Trevor Forrest, Guest Columnist

A common misconception that many people have about securing data and privacy of data communications is "as long as the connection between the sender and recipient of information is secure then the data itself is also secure". Well, nothing could be further from the truth.

This was borne out in my last two articles in which I alluded to the fact that on today's modern networks, public or private, all data can be hijacked and inspected en route without the sender's or recipient's knowledge.

Shockingly, I heard State Minister of Technology Julian Robinson at a recent event he was addressing say quite nonchalantly that all data and communications are already monitored in one way or another. Not sure if statements like those can be viewed as appropriate coming from the minister, albeit true.

The reality we all face is that we simply cannot communicate in this day and age entirely on closed systems; we must use public networks. So does this mean that privacy is dead? What is one to do in order to protect electronic data? What happens if my data is lost or stolen in transit? Who will be held responsible in the absence of data-protection and privacy laws that treat with these situations?

Never entirely private

The truth is, electronic data will never be entirely private or secure, but you can make it harder to steal. I often use the example of the home with burglar bars on every window and an alarm system. Burglar bars and alarms are just deterrents: they will not stop a motivated thief from breaking in; they only slow him down or encourage him to look for an easier target.

This is the choice you face when it comes to protecting your own electronic data. You have to employ deterrents and simply make it more difficult for would-be thieves and hackers. Don't make your data their low-hanging fruit.

This is important, especially with the advent of portable data storage devices like CD-ROMs, DVDs, USB (jump) drives, laptops, mobile phones and tablets. Many of us are walking around with very sensitive data on these devices with absolutely no protection or encryption installed on them. When these devices are lost or stolen, the sensitive data goes with them.

Remember when Minister of National Security Peter Bunting's BlackBerry was stolen? I wonder if that phone was encrypted. Can you imagine what kind of sensitive information could have been on that? Oh, and the BB data wipe would only work if the phone was turned on and connected to the network, so NO, that would not solve the problem. Unless, of course, the phone had Lojack installed (which I doubt), in which case GPS could be used to locate it, turn it on remotely and then wipe it. I digress.

It is no longer good enough to have a simple password on these devices as the protection method. 'Brute force' password attack programs can easily circumvent these basic security measures. There are many of us who don't even have a password on our computers or mobile devices, let alone encryption.

In the case of mobile devices, we sometimes use elaborate unlock patterns as if these methods are unbreakable. It is interesting to note that some mobile device vendors have recognised the need for more robust security measures and have started to incorporate clever biometric access methods into their latest devices.

There is also another common misconception about the security of proprietary email systems like Microsoft Exchange, IBM Notes or Novell GroupWise. Use of these types of systems does not mean that email communications are automatically secure. The security only exists when an email is exchanged between other recipients within the same system or on the same message store. However, when a message is sent to an external mailbox (like a Gmail or Yahoo mailbox), it is no longer secure.

ENCRYPTION TO THE RESCUE

The best way to start protecting your electronic data from prying eyes is through use of encryption. This approach to securing your data is a necessary inconvenience in an increasingly data-driven, digital economy because digital data is portable and, as a result, is more vulnerable.

What is encryption and how does it work?

Encryption is the process of encoding messages or information in such a way that only authorised parties can read it. This is accomplished through the use of a 'key'. This key is used to scramble data at its source before it is sent and then to descramble it at its destination when received.

The method of scrambling is often referred to as the encryption algorithm (an algorithm is a technical term used to define a process used to perform a specific type of calculation). There are many types of encryption algorithms, e.g., AES, DES, Twofish, Blowfish, TDES, Serpent.

Encryption is not a new technology; in fact, it has been around since the early days of Egypt in the form of certain hieroglyphics. The Greeks also used a form of encryption tool called the Scytale. Later, in World War II, the British, American, Japanese and German military used encryption systems for communications, the most notable being the German ENIGMA machine.

Today, encryption systems and methods are available to just about everybody and the good thing about it is that in many instances you can acquire very sophisticated data encryption solutions for free. Versions of popular device operating systems and software like Windows, UNIX, Linux, MacOS, iOS and Android already have data encryption capabilities built in, which will allow you to encrypt your emails, documents and even voice communications.

Because of the nature of data communications methods, encryption of data files and encryption of data communications are not handled in the same way. As such, email communications, for example, are encrypted using a different process from data files. So it is important to ensure that you take a complete end-to-end encryption approach if you intend to secure all of your information and communications. No weak links can be allowed.

There are many vendors who provide complete encryption solutions. Some of these include Microsoft (BitLocker), Symantec (Endpoint), TrueCrypt, Sophos (SafeGuard), McAfee (Endpoint), Apple (FileVault), NewSoftware (FolderLock).

If you want to ensure that your data is protected and shielded from prying eyes, even when it is stolen, ENCRYPT IT!

Trevor Forrest is CEO of 876 Technology Solutions, a company specialising in website design, cloud hosting and document management. Email feedback to columns@gleanerjm.com and trevorforrest@876solutions.com.