Encryption 101: your complete guide
Infosec 101 - 11 min read
May 18, 2022
Nov 14, 2019
3 min read
Digital transformation has radically changed workplaces in the recent decade, producing an ever-increasing demand for collaboration and efficiency. No longer confined to a desk, the cloud has enabled us to work from anywhere, anytime. With collaboration as a key component of modern workspaces, we explore the power, as well as the threats behind our new open workspace culture.
Collaboration between teams is as old as time; it's intertwined with human nature. However, when we entered the digital age, cloud collaboration tools catapulted business into the global sphere. Now, communication between teams, suppliers, and shareholders has gone from days to mere seconds. In a market that is expected to reach $9.8 billion by 2022, collaboration apps are booming, with promises to make file-sharing über efficient and super quick.
But with this new need for speed and no end-to-end encryption, businesses are encountering some major cyber-security setbacks. A study from Jonathan Christensen, the chief experience officer at Symphony, found that 25% of workers have used collaboration tools to share personal information, such as HR and pay details, while 21% admitted to having sent company financial information.
It's been a pioneering time for apps. We've basked in our efficiency and smiled as we've e-signed a contract, for a deal a thousand miles away. With our teams perfectly set up for collaborative glory, our thoughts are now shifting to the security of these collaborative tools.
Let's start by introducing the biggest threat to collaboration security – us, people. In a world laden with apps for just about anything, the temptation to use a personal app at work is inevitable. How many of us have sent private credentials to a colleague over WhatsApp? Or mailed an unencrypted sensitive document to a client on Gmail? We do it without thinking; after all, we're just trying to get our work done efficiently.
When employees begin to embrace new tools that are not covered by a company’s security policy, accidental breaches can happen with very real consequences. For one, IT teams are unable to keep track of how many unauthorized tools are being used, making it difficult to intervene when sensitive data is put at risk. Secondly, most collaboration tools are not enabled for external sharing, meaning your files are at risk if you share them with a client or agency, for instance.
This pitfall can pose a major threat to businesses that operate within vast networks of people. A city council, for example, needs to share sensitive network files with external clients and partners every day. With hundreds of employees, it's unlikely that each person is going to adhere to a strict security protocol. Plus, we only need to look back six months to see how the error of one employee led to the world's biggest data breach of all time.
So what's the solution? It would be naive of us to expect to eradicate human error altogether. It would also be quite unpleasant to force your employees to bin their favorite apps. After all, our collaborative workspaces and borderless digital lives have made us the most connected generation to have ever existed. And no one wants to be the collaboration killer.
Protecting your files while you're collaborating is a tricky business. We encrypt our files in the cloud and assume our security is second to none. However, while most cloud-based apps provide encryption, they also allow themselves access to your data. Especially since they keep the encryption keys.
This is where human error can run wild. A programmer with ulterior motives could easily steal your information. Cybercriminals can spot this weakness in the system, and sometimes the companies themselves may keep tabs on your data – for all sorts of sneaky reasons.
So why not be the boss of your own security? It puzzles us all. Why not harness the power of encryption, and give it back to the people in an easy-to-use app? NordLocker does exactly that.
We give people the confidence to take charge of their data. By using end-to-end encryption and zero-knowledge architecture, you can drag & drop your files to a locker where they're automatically encrypted on your device, before they even reach the cloud.
We also let you keep the keys. This means that we have absolutely no knowledge of what's in your locker – since you keep your encryption key, which is protected by your own master password.
When you're in charge and your data is secured with end-to-end encryption, there's no reason why you can't securely share and edit your files through any apps you wish. Usually, files are weakest at the point of sharing. They can lose encryption once they leave the cloud, or when multiple versions have been created while editing. Tools that put security into our own hands will pave the way for secure collaboration. Shadow IT will become a thing of the past, and company security policies will be a lot simpler. As with our open, collaborative workspaces, technology must be re-imagined in the same spirit. Instead of trusting armies of strangers to keep our files safe, we're learning to protect our data at the point of origin – and that's usually with us.
We're always on the ball when it comes to tackling security issues with collaboration. Discover more ways we can help here.
Eva is usually the quiet one in the gang. But don’t let that silent demeanor fool you. She’s a brown belt in Brazilian Jiu-Jitsu. And when she’s not kicking butts, Eva loves to dissect complex tech topics in a way even 5-year olds would understand.