Most businesses are catching on to the importance of encryption as part of their cybersecurity strategy, but what about your personal devices? Should you encrypt your personal email and files? Below we talk about what you should know about encryption to protect your personal data.
As part of this, it’s worth noting that for many people, personal and work data and devices are increasingly the same, perhaps making encryption a priority.
What Is Encryption?
Encryption broadly is a way to protect data. This protection can extend to data you send, receive and store. You can use encryption to protect data on your smartphone or your computer.
When you use encryption, it’s a process of scrambling readable text. As a result of that scrambling, even if someone gains access, they can’t read the data. The data can be read-only by the person with the encryption key, which is a code.
The unreadable format created via encryption is called ciphertext. The use of ciphertext keeps digital data confidential not only when it’s stored, but as touched on, when it’s transmitted as well. When the person intended to receive the message or data gets it, it goes through translation to its original form.
Both a sender and a recipient need to have an encryption key for this to happen. An encryption key is an algorithm collection that scrambles and then unscrambles data.
There are symmetric encryption systems and asymmetric.
A symmetric encryption system uses one password for encryption and decryption. Asymmetric encryption will use two keys for encryption and then decryption. The first is a public key, shared by users, that encrypts data. Then, there’s a private key not shared that decrypts it.
Encryption for Email
If you don’t encrypt your email, it can be accessed by third parties at various points in the journey.
For example, if someone accesses your device, they can get to your emails if they aren’t encrypted when they’re just sitting there, known as being at rest. If you store emails through any type of archiving, this is also a potential risk.
You should aim to encrypt the connection between your device and your email provider, and you should consider the vulnerability of what you’re sending as far as it reaching its intended recipient.
When you encrypt your email, you’re significantly reducing the risk of a hacker getting access to sensitive data.
Ideally, for email, you might use a combination of what’s called message-level encryption with Transport Layer Security or TLS. Then, you’re encrypting the message itself and the method you’re using to send it.
If you choose to encrypt your email, you’re adding security to whatever your email provider is also using.
There’s a tendency to believe that the security features your email provider uses are enough, along with having a complex password and antivirus software. That’s not always the case, however.
Additionally, something to keep in mind is that with emails, you should encrypt them all rather than trying to encrypt only ones that are sensitive or confidential. If you only encrypt one email message because it has your credit card information, as an example, this can actually be a target for a hacker. If you encrypt everything, it becomes much more challenging for a cybercriminal to figure out what’s worth putting their time into.
Encrypting Your Entire Hard Drive
If you want to protect stored data and files, you might opt to encrypt your entire hard drive. Your operating system doesn’t encrypt files automatically unless you’ve specifically turned on options such as FileVault on Mac. There are also free and paid disk encryption programs that you can use, depending on your needs and goals. You can encrypt your documents, pictures, videos, and whatever else you might have stored.
You have the option to encrypt certain files as opposed to your entire hard drive as well.
Again, as is the general case across the board with encryption, when you do it, people who don’t have the key won’t be able to open your files or use the stolen information.
When Encryption Is Used Against You
Encryption is a smart idea on your personal files and devices, as well as your emails.
Encryption can also be used against you, however, which is what happens in ransomware attacks.
Ransomware attacks occur when cybercriminals encrypt computers, servers, and devices. Then, the attacker will demand some type of ransom before providing the key to decrypt whatever it is. Ransomware attacks can occur against individuals, businesses and government entities.
To protect yourself against ransomware attacks, consider the following tips:
- Use security software on all of your devices, including your smartphone.
- Keep your security software up-to-date.
- Update your operating system and any other software, which will patch vulnerabilities.
- Don’t automatically open email attachments because these are the primary way that attackers deliver ransomware.
- Be especially cautious about email attachments that ask you to enable macros to view the content. Macro malware, when you enable it, can infect multiple files.
- Back up all of your data to an external hard drive so that if you are the victim of ransomware, you can restore your files.
- Consider using cloud services to mitigate ransomware.
When To Use Encryption
Overall, when it comes to personal use, the times you’re most likely going to want to use encryption include if you’re dealing with business or sensitive documents. It might not be so worthwhile to worry about encrypting your photos.
While encryption can be beneficial in some cases, when it comes to your personal data and devices, your best bet might be to focus on things like good computer security practices, creating stronger passwords, and enabling two-factor authentication.
If you do think encryption is a good idea for your uses, it’s become simpler and more seamless than ever before, so you don’t have to worry so much about it being a hassle. If you’re just an average computer user and don’t deal with a lot of sensitive information on your personal devices, you may not have to worry about it.