The secret code of data.
For many of us in the tech world, our earliest experiences with encrypting data didn’t happen on a computer. It happened when we were kids playing with decoder rings to pass notes to a friend in class. We could share all our secrets in a format that an intercepting teacher or parent couldn’t decipher. Maybe you did it too. Whether you used numbers or pictures to represent a letter of the alphabet or switched the letter order around, requiring a key to determine which letter represented which, you were engaging in rudimentary cryptography. In the computing world, encrypting data isn’t quite like the notes you passed in school, but the concept is the same – protecting private information from prying eyes.
Encrypting your data is the most effective way of keeping it secure. Encryption essentially scrambles the display of your data, rendering it useless to someone who does not have the key or password to decrypt it. Encryption is a vital tool in our increasingly connected world where we send important personal and financial data with the click of a button. It’s what keeps your credit card information secure when you buy online, and what will protect your smart devices tied to the Internet of Things from hackers that could control your home’s lighting, thermostat, refrigerator or security system.
Technology giant, IBM, recently announced that it wants to fight hackers by “encrypting the world.” This breakthrough in security technology would allow everyone, including smaller businesses, to encrypt customer data on a massive scale. By utilizing updated computer chips that can process and quickly encrypt and decrypt the millions of transactions a day on a company’s mainframe servers, most, if not all, customer information could be turned into “gibberish” that is illegible to hackers and thieves. And with data breaches across the U.S. steadily growing in frequency and scope, universal encryption could be the solution to the hemorrhage of millions of people’s personal information each year.
“One of the big problems is that way too much information is stored in clear text,” said Austin Carson, the Executive Director of the Technology think tank TechFreedom. Referring to universal encryption, he continued, “that would be a huge step forward just in terms of protecting a much larger body of information.”
However, despite the fact that encryption just seems to make sense on a global scale, it is not without significant challenges, especially for law enforcement and government agencies. Because encryption protects personal data, including access to mobile devices, email and messaging software, some government agencies are trying to insist on providing a “backdoor” into the data that would allow law enforcement to access the data of known or suspected criminals.
In the aftermath of several deadly attacks that have occurred this year alone, the “Five Eyes” security alliance – made up of Australia, New Zealand, the United Kingdom, Canada and the United States – released a statement following a June meeting on the issue of encryption. “Encryption can severely undermine public safety efforts by impeding lawful access to the content of communications during investigations.”
And Australia’s Prime Minister, Malcolm Turnbull, said, “The privacy of a terrorist can never be more important than public safety. Never. This is not about creating or exploiting back doors as some privacy advocates continue to say, despite constant reassurance from us. It is about collaboration with and assistance from industry in the pursuit of public safety.”
But the CEO of Apple, when faced with a similar investigation conducted by the FBI, pointed out, “weakening encryption would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.”
There does not appear to be a simple solution to the security issue on the horizon. Though the U.K. has already implemented rules to allow the government broader surveillance access to an individual’s private data, and Australia is working to accomplish the same, no government wants the appearance of weakening their citizens’ individual security. But there’s a significant risk of that being the outcome.
“If the government has the ability to tell, secretly, a tech company, ‘OK, we want to change the software on the phones to do the following,’ it doesn’t really matter if, by the letter of the law, you’re not really breaking encryption,” says Danny O’Brien, the International Director of the Electronic Frontier Foundation. “If we make this sufficiently insecure that the government has access to this, then other governments, other states, and hackers would have access to it.”
And we’ve already seen how hackers could take advantage of government agency back doors with the recent WannaCry attack which held thousands of Windows machines hostage. The vulnerability exploited by the hackers was secretly being used by the National Security Agency prior to the global leak, causing concerns that if government agencies are provided with backdoor access to encrypted data, persistent hackers could still find ways to access that information.
So while the debate over encryption and backdoor access appears to be just starting, one thing is clear – encryption is still the best solution for protecting your data. At Spud Software, our team of programmers are experts at protecting data security through a variety of encryption methods. If you’re interested in protecting your financial, customer and operations data, we can help. Give us a call and we’ll provide you with the solutions you need to secure your important data.
*Quotes provided by Bloomberg.com and TheDailyHerald.com
The secret code of data.