What is Encryption?
Also known as: Data scrambling
Encryption is a way of ‘scrambling’ data to ensure that only the right people, or devices, can understand the information. In simple terms, encryption converts easily readable plaintext into something incomprehensible, whic is known as ciphertext. A cryptographic key is a string of characters used within an encryption algorithm for altering data so that it appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.
Effective network security relies on multiple layers of defense, not just at the edge and core of the network but also along the network path. While much of the focus on security is on users and applications, protecting in-flight data as it travels across the network is a critical component of a holistic security strategy.
The expansion in the volume of sensitive information being stored and transmitted by many organisations shows no sign of abating, whilst the Internet and cloud computing present new challenges. This has led to new risks, whilst data breaches – both accidental and malicious – have grown in frequency, severity and business impact. Security breaches impact network availability, which results in disruption to normal business activity and significant business cost. A loss of customers affects revenues directly and reputational damage can seriously affect the customer retention and growth prospects of a business.
Physically securing networks can be extremely challenging, and even if a rack or room can be secured, data itself must traverse disparate systems and locations. In Europe, the General Data Protection Regulation (GDPR) came into effect in May 2018, requiring all companies that process personal data to comply with its provisions or face stiff penalties in the event of a data breach. And in the US, 47 states now have laws requiring notification of data breaches involving personal information. 29 states have laws that explicitly require entities to destroy, dispose, or make personal information unreadable/ undecipherable. As global regulators increasingly address the pressing need for information security, businesses need to adopt a coherent and holistic strategy across their technology infrastructure.