Encryption 101: your complete guide
Infosec 101 - 11 min read
May 18, 2022
Nov 14, 2019
4 min read
You lock the doors when you leave your house. But what do you do to protect your privacy online?Your data holds as much value (if not more) as your wallet or anything you have in your house. So what exactly is data privacy, and how do you ensure it? Read on to find out.
In simple terms, data privacy is an obligation by an individual or a company to protect the information you shared with them. For example, you may need to share certain sensitive information to gain access to their service. It could include personally identifiable information, like your name and date of birth or messages, emails, and files. In return, the company promises that no one will use or access your data without your permission.
Companies have to set their privacy policies in line with their country's laws and data protection regulations. For example, European Union countries have the General Data Protection Regulation (GDPR), while companies in the United States have to follow federal and state laws.
Privacy agreements, policies, laws, and regulations are great. However, they do not guarantee that hackers won't break into the company's servers and steal your sensitive information. That's where data security comes into play.
Why is encryption important? Simple — devices are physical objects.
Data security and data privacy go hand in hand. Thus they are sometimes used interchangeably, yet mistakenly. Data privacy can be referred to as regulations a company follows to ensure your data stays private. And data security is the technology it uses to ensure that no outsiders can gain access.
Data privacy cannot be guaranteed without data security – and vice versa. If the security is poor, hackers could steal your information. However, if your sensitive data is secured, but there are no privacy policies in place, then the company could share your personal information with anyone.
Unless the company handling it has flawless data privacy and data security practices, your information isn't that private or safe. It can easily end up in the wrong hands. How?
1. Companies breach their own privacy policies
Let's say the company whose service you are using has strict privacy policies. But can you really trust it? Companies like Google and Facebook built their businesses on information gathering, and they breached their customers' trust over and over again. They unlawfully shared users' data with third parties,previously scanned the emails and files stored on the cloud, and used users' images to train their facial recognition technology.
2. Data breaches and leaks
Your data is valuable not just to companies but hackers too. They are working tirelessly to hack into databases of various companies. Why? Because they can use your sensitive information for phishing and social engineering attacks. They can also sell it on the dark web, or drain your bank accounts, take out loans under your name, steal your identity, and more. The list is endless.
That's why data security is so important. But despite that, many organizations don't invest the necessary resources into cybersecurity and therefore fail to protect their servers.
3. Man-in-the-middle attacks
Sharing or transferring files over an unencrypted connection makes you vulnerable to man-in-the-middle attacks. Sending an unencrypted file over an open web is like sending a postcard without an envelope. The postman taking it from A to B can read everything you've written on it. In technical terms, all servers that help to transfer your file can read so-called data packets as well as your IP address. This means hackers who are "sniffing the traffic" can snatch your information, steal your files, and also see your location.
There are quite a few things that can go south when someone is handling your data, even if you trust that company. One way to prevent the damage is simply not share or limit any sensitive information. It’s rarely possible though, as you will often be asked to provide your name, email address, and your card details to use any service. The protection of your data then lies in the hands of that company.
But what about the files you store on cloud, send to your friends, or store on your device? You can take total control of their security and privacy by encrypting them with services such as NordLocker. Sounds difficult, huh? It's easier than you think it is.
You simply need to create an account, download the app, and drop your files into your Locker folder. That's it. The app encrypts your files in a matter of seconds. You can now upload them or transfer them over the internet. Due to state-of-the-art cryptography, no one except you and the recipient will be able to access and use these files.
John believes that the best things in life are simple. He uses the same approach when he’s writing about online security. John says that his #1 pet peeve is phishing scams. Ironically, his favorite non-work related activity is fishing.