Home » cyber security » Got Encryption?

Got Encryption?

Personal data is highly valuable — not just for the businesses, organizations and agencies that maintain it, but also for the hackers who go to extremes to gain access to it. Once a system vulnerability is exploited and the information extracted, hackers can command a substantial price per record on the black market where the stolen data can be used for fraud, identity theft or other nefarious activities.

However, the degree of usefulness of personally identifiable information depends on that information’s readability. If the records are indecipherable due to data encryption, they have little value for illicit activities. This is why data encryption is absolutely essential.

In addition to a complete breach response plan, encryption helps to limit the damage done by an attack. The recent incident at LastPass, the cloud-based password management platform, serves as a demonstration. Although hackers accessed LastPass’s sensitive information, including master passwords, security question responses and email addresses, the salting and hashing methods applied to the records make it more difficult for the data to function for any criminal activity.

In contrast, the recent data breach at the Office of Personnel Management (OPM) – where an estimated 18 million records were compromised – was successful because the data wasn’t encrypted. In addition to personal details, the compromised data included security clearance information and background investigations that could be extremely damaging to individuals’ privacy, as well as our national security. The lack of encryption on these files has created a disastrous fallout for the OPM, which is facing a class action lawsuit for mishandling information and failing to put data safeguards in place.

Regardless of whether your organization currently employs data protection methods or you’re trying to implement a plan, there are ways to improve your data encryption. For instance, managed security services can help organizations understand whether their information is encrypted, and how vulnerable the network is to data loss. With this guidance, companies can undertake data encryption efforts affordably and effectively, and avoid a fate similar to OPM.

For more information on Lunarline and our three-prong approach to cyber security, visit Lunarline.com or contact us today.

About Spence Witten

Spence has somehow survived ten years at start-ups and small businesses without suffering a (major) nervous breakdown. As Lunarline's Director of Federal Sales, Spence actually loves working on proposals. If there were any doubt, this is proof that he is in fact certifiably insane. While his title says "Sales" Lunarline doesn't let him off that easy. We make him do real work, too. Luckily he's a recognized subject matter expert in security policy and loves helping clients navigate their way around tricky security compliance standards. He's also been known to lead a software development initiative or two, though that pretty much always ends poorly for everyone involved. He can be reached at spence.witten@lunarline.com.