Encryption
Introduction
Encryption is a key aspect of security. Here we focus specifically on its hygiene aspects.
Introduction to Encryption
Digital encryption is a crucial aspect of modern cybersecurity, ensuring that sensitive information remains secure and inaccessible to unauthorized users. Here are the main characteristics and technologies used in digital encryption:
Main Characteristics
- Confidentiality: Encryption ensures that data is only accessible to those with the correct decryption key, maintaining the privacy of the information.
- Integrity: It protects data from being altered or tampered with during transmission or storage.
- Authentication: Encryption helps verify the identity of the parties involved in communication, ensuring that data is sent and received by the intended individuals.
- Non-repudiation: It prevents the sender from denying the authenticity of their message, providing proof of origin.
Encryption is a fundamental aspect of protecting data at each stage of handling data.
At Rest
Data at rest can be found in various storage locations. Wherever data resides, it must be encrypted.
In Transit
This means whenever data is moved from one location to another, such as over a network. In transit data must be encypted.
In Use
This means data that is currently being processed by an application or system.
Keys
Robust encryption requires strong keys (https://en.wikipedia.org/wiki/Key_(cryptography)).
Follow prevailing standards on encryption keys.
- in terms of their strength
- in terms of their own protection
- in terms of good practice such as regular rotation
Technology
Under the technology section, please look under Encryption.
Applying Encryption
First of all, there is almost no circumstance where encryption should not be applied.
Applying Encryption starts from the outset with the idea.
Applying encryption alone is not enough. It is part of any good, multi-layered approch to Security