Have you ever given a thought to how much of your personal information you have placed out on the internet? How many sites have you been on that require a name, email, address, or phone number, let alone more sensitive information like credit card or banking details? Have you ever thought about what those sites are doing to protect your information? It seems like every time we turn around there is another news report of this corporate entity having a security breach or that corporate entity being hacked. Sometimes it seems like your data isn’t all that safe. Well, guess what? Sometimes it’s not. Your data is only as safe as the least restrictive policy of the company that holds it. But industry-wide, how safe is data on the internet? How is data protected?
One of the first steps (and by no means the only one!) to protecting data is to encrypt it. What does that mean, you ask? Simply put, it is a way to change data so that you must have a known piece of information (such as a key or password) to decipher it. Pig Latin is a real-world (and very simple) form of encryption. Ig pay atin lay an cay e bay ard hay o tay nderstand uay. At least if you don’t know the key. To “encrypt” your phrase into Pig Latin, you take the first letter off of a word and create a new word after your word with that first letter followed by “ay”. So your “key” is knowing that the word “PIG” becomes “IG PAY”. And to “decrypt” your Pig Latin? Yup, you take the first letter of every other word, put it back on the front of the word before it, and remove the “ay”. So the garbage sentence above suddenly becomes “Pig latin can be hard to understand.” Don’t let anyone say you know nothing about encryption!
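The rule described above, written out as a short Python sketch (an added example, not code from the original post; the function names are made up for illustration). It also shows a limit of the rule: a one-letter word has nothing left once its first letter is moved, so the encoder rejects it.

```python
import string

def encrypt_word(word):
    """Split one word into '<rest> <first letter>ay', per the post's rule."""
    core = word.rstrip(string.punctuation)   # "understand." -> "understand"
    tail = word[len(core):]                  # trailing punctuation, e.g. "."
    if len(core) < 2 or not core.isalpha():
        # A one-letter word leaves nothing behind once its first letter moves.
        raise ValueError(f"rule cannot encode {word!r}")
    first, rest = core[0], core[1:]
    if first.isupper():                      # "Pig" -> "Ig pay"
        rest = rest[0].upper() + rest[1:]
    return f"{rest} {first.lower()}ay{tail}"

def encrypt(text):
    return " ".join(encrypt_word(w) for w in text.split())

def decrypt(text):
    tokens = text.split()
    if len(tokens) % 2:
        raise ValueError("expected pairs of '<rest> <letter>ay'")
    words = []
    for rest, marker in zip(tokens[0::2], tokens[1::2]):
        core = marker.rstrip(string.punctuation)
        tail = marker[len(core):]
        if len(core) != 3 or not core.endswith("ay"):
            raise ValueError(f"{marker!r} is not a '<letter>ay' marker")
        letter = core[0]
        if rest[0].isupper():                # restore the original capital
            letter, rest = letter.upper(), rest[0].lower() + rest[1:]
        words.append(letter + rest + tail)
    return " ".join(words)

if __name__ == "__main__":
    secret = encrypt("Pig latin can be hard to understand.")
    print(secret)
    print(decrypt(secret))
```

Anyone who knows the rule can run `decrypt`, which is why the rule itself is the only "key" here.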
So what does Pig Latin have to do with how corporations protect your data? Not much, it’s true. But it is a good way to introduce what encryption is. And now that you have the basics of what encryption and decryption are, it’s not much harder to understand what corporations are doing with your data. Think about the Pig Latin. When you are sitting in front of your computer on that shopping site and you are entering your credit card information, what’s happening is the website is taking your credit card information and turning it into its own version of Pig Latin (read: encryption). It then transmits that Pig Latin (encrypted) data across the internet (hopefully on a secure connection like HTTPS... we’ll cover what that means in another blog post) to their own database servers. Depending on what the information is, it either stores the data in its encrypted form or it applies the key to the data to return it to its original form. So what is flying over those invisible internet highways is what appears to be garbage data. What hackers specialize in is taking encrypted data and figuring out what the key is so that they can decrypt it. So the harder the key is to decipher, the harder it is to decode the text. It may take time, but any encryption can be broken. It’s just a matter of figuring out the key. So it’s very important that encryption isn’t the only security policy in place; it should be just one of many.
How your data is protected should be very important to you. And the first step to keeping your data protected is to understand what is happening to your data when it leaves your computer. If you have an e-commerce site, how you protect your customers’ data should be just as important to you. If you have not reviewed your security policies in a while, then let’s make some time to do that. Don’t treat your customers’ data as any less important than your own.