Why We Encrypt
Encryption protects our data. It protects our data when it’s sitting on our computers and in data centres, and it protects it when it's being transmitted around the Internet. It protects our conversations, whether video, voice, or text. It protects our privacy. It protects our anonymity. And sometimes, it protects our lives.
This protection is important for everyone. It's easy to see how encryption protects journalists, human rights defenders, and political activists in authoritarian countries. But encryption protects the rest of us as well. It protects our data from criminals. It protects it from competitors, neighbours, and family members. It protects it from malicious attackers, and it protects it from accidents.
Encryption works best if it’s ubiquitous and automatic. The two forms of encryption you use most often – https URLs on your browser, and the handset-to-tower link for your cell phone calls – work so well because you don't even know they're there.
Encryption should be enabled for everything by default, not a feature you turn on only if you're doing something you consider worth protecting.
This is important. If we only use encryption when we’re working with important data, then encryption signals that data's importance. If only dissidents use encryption in a country, that country's authorities have an easy way of identifying them. But if everyone uses it all of the time, encryption ceases to be a signal. No one can distinguish simple chatting from deeply private conversation. The government can't tell the dissidents from the rest of the population. Every time you use encryption, you're protecting someone who needs to use it to stay alive.
It's important to remember that encryption doesn't magically convey security. There are many ways to get encryption wrong, and we regularly see them in the headlines. Encryption doesn’t protect your computer or phone from being hacked, and it can't protect metadata, such as e-mail addresses that need to be unencrypted so your mail can be delivered.
But encryption is the most important privacy-preserving technology we have, and one that is uniquely suited to protect against bulk surveillance – the kind done by governments looking to control their populations and criminals looking for vulnerable victims. By forcing both to target their attacks against individuals, we protect society.
Today, we are seeing government pushback against encryption. Many countries, from States like China and Russia to more democratic governments like the United States and the United Kingdom, are either talking about or implementing policies that limit strong encryption. This is dangerous, because it's technically impossible, and the attempt will cause incredible damage to the security of the Internet.
There are two morals to all of this. One, we should push companies to offer encryption to everyone, by default. And two, we should resist demands from governments to weaken encryption. Any weakening, even in the name of legitimate law enforcement, puts us all at risk. Even though criminals benefit from strong encryption, we're all much more secure when we all have strong encryption.
(Editor’s note: It is axiomatic that wider use of data encryption would help stem data breaches. In this guest essay, John Grimm, senior director of product marketing at Thales e-Security, examines the nuances.)
By John Grimm, Special to ThirdCertainty
The Anthem breach resulted in the exposure of up to 80 million records, including birthdays, addresses and Social Security numbers—everything an identity thief could hope for. Many of the headlines that covered the news included the fact that Anthem did not encrypt its internal data. According to one report, Anthem was actively “considering encrypting its internal database as well as taking other steps to improve its security” at the time of the attack.
To suggest that Anthem simply needed to encrypt the personal health information it was storing in the cloud is an oversimplification. Most practitioners today will agree that encryption is one of the best ways to protect data. However, although many regard encryption itself as being black and white—data is either encrypted or not—the reality is that there are several degrees of separation between properly implemented encryption and poorly implemented (and easily exploitable) encryption.
Much of the variance comes down to the quality of the crypto code itself, and the key management practices used. The end result may look the same, but the net level of security varies enormously. Encryption must be implemented properly using best practices and well-understood techniques like buffer overflow protection, principles of least privilege, etc.—or in today’s world, you’re taking your chances.
Systems that process payments, personally identifiable information (PII), and other sensitive customer and corporate data must be trusted to do so securely. They must be in compliance with government, industry and corporate regulations and must minimize the impact on operational performance. There are numerous solutions on the market that employ cryptography to protect data end-to-end while in use, in transit and in storage. But what about the security of the cryptographic keys used within these crypto systems? Their foundation of trust relies on proper safekeeping and management of the keys—and that can prove to be the ultimate Achilles heel.
Once attackers have access to private encryption keys, they can decrypt past, present and future encrypted data—meaning key protection from the moment of generation, and then ongoing management throughout the lifetime of the key, is essential. However, not all business applications and data sets require the same level of protection. Organizations should conduct a proper risk assessment of critical systems to help determine which applications (and associated data) need the highest levels of protection. Certified protection of cryptographic keys may be necessary using specialized hardware security modules (HSMs) that remove keys from the host server environment and provide a safe place to generate, store and manage the most sensitive keys.
It’s a safe bet that Anthem soon will have a strong internal encryption strategy and an opportunity to safeguard PII data and win back the trust of its customers. Companies seeking to avoid breaches like this one would do well to locate and encrypt the most sensitive data within their network environments and protect and manage encryption keys like their data depends on it—because it does.