In the first part of our series we spoke about the history of encryption and why right now, it’s such a big talking point globally. You can read about encryption’s origins in part one of our series here.
Today we move on to talk about the importance of encryption to businesses around the world, why it’s also important in your personal life and finally ask whether encryption is helping to make the internet a safer place.
Why is everyone talking about encryption?
The breakable, unbreakable debate has been a hot topic for some time when talking about encryption. The way that some tech companies implement encryption means that no-one apart from the sender and the recipient can read the messages. Whilst this undoubtedly assists with data security there is a genuine problem with this when it comes to law enforcement as the police and intelligence agencies cannot get access to all the information they need. This makes it easier for criminals and terrorists to plan and communicate securely.
So the question of whether encryption should be breakable or not continues to be a discussion point.
Encryption is Important to your Business
Without encryption, you are offering people easy access to your data. Whether it’s used to protect your email communication or stored data, some form of encryption should be included within your company’s security tools for precautionary measures.
Adopting an email encryption application is a good first step to protecting your company’s digital safety and privacy. Traditionally, emails are sent in plain text through the internet and local networks which means they can be intercepted by hackers who want to know their content. Email encryption applications attempt to stop hackers spying on your messages and can be an effective way of protecting sensitive business information.
Hard drives, internet traffic, cloud storage, software and USB drives can all be encrypted. However, despite sophisticated encryption, human error, insider attacks and poor implementations are challenges that I.T. teams have to overcome to ensure a company’s data is safe.
End-to-end encryption is the best defence available to keep the data and services we all rely on safe from misuse. From storing data on the cloud to online banking to identity verification, end-to-end encryption is essential for preventing data being accessed illegally in ways that can harm consumers and business.
Encryption is Important in your Personal Life
In a world where everybody, from the government to email providers, is threatening your privacy, encryption has become a necessity. Your personal information can be used to steal your identity, threaten your reputation, and undermine your professional life.
It is not only cyber criminals you need to be aware of, both the government and your email provider may also have access to your communications. Many email service providers routinely obtain data from users’ emails. Data is more frequently used for advertising purposes rather than cybercrime, however it is still an intrusion of your privacy. Email encryption software can help with this.
Encryption keeps us safe in many ways: it keeps your financial transactions secret as they travel across the internet; it keeps your personal details personal and your unwise selfies safe from prying eyes. Without email encryption software, all your private messages are an open book. Encryption allows you to communicate privately when you need it.
The Whatsapp Debate
A big encryption talking point this year has been popular messaging app Whatsapp’s policy on end-to-end encryption. The company states that “privacy and security is in our DNA” but has come under scrutiny recently from Home Secretary, Amber Rudd, who has called for its content to be made accessible to intelligence services to aid the war on terror.
Whatsapp allows contacts to send photos, messages and videos without the worry of anyone accessing the material. Naturally, this poses problems when it comes to users breaking the law and worse, terrorism.
Companies like WhatsApp and Apple, which are using end-to-end encryption, do not currently have the ability to read customers' messages at all. To allow police access to those messages, those companies would have to change the way they use encryption, and they would then be able to decode every message. That makes people using these services less secure than they were before.
However, if tech companies weaken security and allow their government access to apps, they also make it easier for other organisations to gain access.
Another consideration is that other countries may not adopt the same principles meaning that criminals and terrorists will simply move to other encrypted apps based in other countries which will allow them to continue communicating privately.
Robert Hannigan, former Head of GCHQ, warned that "building back doors" in encryption systems was "a threat to everybody" and suggested that the government and private companies work more closely together to tackle the problem.
It still remains to be seen whether WhatsApp and others companies like it will eventually make their information available to intelligence services after mounting pressure for a safer world.
Is the Web is getting Safer?
Web encryption has been around for years. The original HTTPS protocol was released in 1995 and was known as Secure Socket Layer, or SSL. It enabled companies to handle credit card transactions online by protecting payment details and ensuring that online merchants were who they said they were. Transport Layer Security (TLS) replaced SSL and is now widely used outside of credit card payments.
The volume of encrypted internet traffic is now greater than unencrypted traffic. Encrypted sites have a little green lock right next to the web address that indicates that the page you visited came to you via HTTPS, the web's secure protocol, rather than HTTP. Many big companies such as Facebook, Google and Wikipedia have all switched to HTTPS.
HTTPS is so sophisticated now however, that hackers have moved their attention away from trying to hack into data in transit instead are targeting the data at source or via the end user. So whilst HTTPS may prevent cybercriminals accessing your data online, they are constantly coming up with new ways to obtain what they want.
We hope you’ve found this blog useful. For more information about encryption tools or to discuss other I.T. security concerns, please contact us on firstname.lastname@example.org or 08456 399 661.