What is Encryption?

what is encryption

In this post, I will explain why encryption is important to your cyber self defense strategy.

Most of the applications and online services you use on a daily basis exposes a lot of your personal data to the internet. The data may be documents, text messages, emails, video calls, browsing activities or credit cards.

Every piece of data you fail to secure can be used to exploit you. This is why you will have to embrace encryption.  With encryption in place, your data is useless to anyone who is not authorised to access it.

What is Encryption?

Encryption is a method of encoding data in such a way that it prevents unauthorised individuals from decoding or understanding the data encoded.

When you encrypt your data, only you and any authorised person can decode the data. This way, your data is protected against any third party.

Encryption is a very strong layer of security against prying eyes. Even when your device is compromised or your connection is intercepted, with encryption properly set up, the attacker will find no useful information because everything will appear gibberish.

How does Encryption work?

Encryption work by using an algorithm to encode data and the authorised person uses a key to decrypt the data.

Simply put, encryption works like a Pad Lock. Once you lock it, only a person with a key of the same Pad Lock can open it.

How do I encrypt my data?

There are a lot of tools available to use. Some of these tools are built-in while others are third party applications. Data is stored in different forms. Some are stored in your computer devices, some are stored on the internet while some are processed as traffic. So you would want to encrypt anything that has to do with your information.

Encrypt Data stored on Computer Devices

You should start by encrypting the content stored on your computer devices (Smartphones, Tablets, Laptops , Drives, routers e.t.c).

There are two options available: we have the full-disk encryption (FDE) and file-based encryption. Full Disk Encryption will encrypt the whole data in the device. While File-based Encryption will encrypt only selected files or folders. But in both cases, you must provide a Key to be able to access the data encrypted.

In Windows Operating System, you can use BitLocker, a third party encryption tool, while in MacOS, there is a built-in encryption tool called Filevault.

Encrypt Data Stored on the Internet (Cloud Storage)

We make use of cloud storage and synchronising services such as Google Drive, Microsoft OneDrive, DropBox and other cloud services to store and sync our data. Since the data are stored on the Cloud Service Provider’s Servers, they have access to all the files we store and sync.

To ensure that only you and any other authorise person, has access to the data you want to store on the cloud, you should encrypt the data before sending it to the Cloud Service Provider.

To do this, use Boxcryptor. Boxcryptor is compatible with most of the popular cloud storage services and will ensure your data is encrypted before sending to the cloud.

I highly recommend you an end-to-end encryption storage service such as Tresorit. You do not need to use any third party tool to encrypt your data since encryption is by default.

Encrypt your Emails

Anytime you send an email, it goes through your ISP and your ISP send it to a Mail Server and the Mail Server forwards the email to the final recipient. Before the email gets to the final recipient, it could be intercepted by anyone interested in your email conversations.   

So encrypting your emails is a must if want to keep your conversations confidential.

Most of the email services providers like Gmail, Yahoo, Microsoft OutLook, etc do not offer encryption to their clients so there is need for a third party tool which can be integrated with your email service provider to be able to send encrypted messages.

Pretty Good Privacy, PGP is one of the many encryption solution to the Plaintext email platforms. PGP allow users to send encrypted emails through a public-private key method. PGP can be integrated into any email service.

Alternatively, there are email service platforms that provide end-to-end encryption by default. One of them is Protonmail. With Protonmail, you are not required to integrate any third party encryption tool since the platform already provide for encryption.

Now anyone who intercept your emails will be frustrated.

Encrypt your Internet Traffic

It is very important to encrypt your internet traffic to have a private browsing experience. Without encryption, all the websites you visit, including your activities on those websites can be seen and accessed by your Internet Service Provider (ISP) or a malicious hacker.

If you know you visit some websites that are very PRIVATE to you, then you should never visit such websites without encryption properly in place.

Through your browsing activities and history, advertisers will know what you do online and serve you personalised ads which may be annoying most times.

To avoid anyone from spying on your internet activities, use a Virtual Private Network (VPN). A VPN will encrypt your internet traffic, provide a private and anonymous connection to the internet.

I must let you know here that, even though your Government or ISP no longer know what you do online because you connected through a VPN server, your VPN Provider may keep logs of your activities. So before choosing a VPN, you should read their Privacy Policy before signing up for any service.

Read also: Two Most Secured VPN You Should Use

Encrypt your messages

You should make sure you send messages over a secure platform that offers encryption by default. Your messages can be dumbed from your phone memory and the attacker can read all your text messages.

It is no longer secure to send SMS on your smartphone the traditional way, instead, it is more secured to send messages over an app that offers end-to-end encryption protocol.

Some of the apps that offer end-to-end encryption, E2EE, by default include WhatsApp, Signal and Viber.

Since the above listed apps use E2EE, it means that the Private Key to decrypt messages is stored on your device. So you should secure your device against Malware. Because once an attacker successfully gain access into your device, he or she can steal your Private Key and decrypt your messages.

Bottom Line

Encryption alone cannot prevent a malicious hacker from intercepting your data, it can only conceal your content from any unauthorised person. So encryption is just one of the major layers of security. You need other layers of security as well.

Your first line of defense should be securing the device involving the encryption. Make sure your device’s operating system is up-to-date. Run the latest version of antivirus and cultivate safe browsing habits. With this you have built your walls very high.

If you find this information useful, please share with anyone you think will benefit from it.

Facebook
Twitter
LinkedIn
Saint Yome

Saint Yome

Cyber Security Researcher and Consultant.
Founder and CEO of Futtress