Data encryption? What is it? Why you need it!

In this post I’m going to talk about the reasons why you should and need to be encrypting your data today. This focuses on the individual and isn’t for Businesses as I’ll cover that in another article.

Data encryption? What is it? Why you need it!

How many times have you said yourself or heard somebody say “Oh? I’ve got nothing to hide” or “I don’t get up to anything I shouldn’t online” when the mention of encrypting data or the suggestion of using a service that protects privacy crops up? While this might seem like a logical viewpoint and response to you or them, it’s unfortunately the wrong view to have. If you’re one of these people read on and you’ll see some of the issues surrounding your data that you perhaps hadn’t considered and why data Encryption is absolutely required today.

What is data encryption?

Data Encryption usually involves any type of data which is scrambled using an encoding method based on a encryption algorithm & an encryption key. This encrypted data can then only be decoded again using that key.

What is end-to-end data encryption?

End-to-end encryption also known as (E2EE) protects data in a way that it can only be read by the sender and by the recipient. The encrypted data cannot be viewed by anybody else since without the key the data is just a scrambled mess of characters. This for you with regards to storing files on cloud services means you can safely synchronize your files between computers and not even the cloud storage provider can view what is being synchronized or stored since only you possess the key.

This differs from the type of encryption most Internet services use as they only encrypt the data between you and them while also having a copy of the key used. This means that once the data is on their servers they can see the content. While this prevents data being intercepted mid way it doesn’t protect you from having your data scanned and email content read by the company providing the service.

What kind of data can you encrypt?

You can encrypt anything you can store on your computer or upload to the cloud.. Emails and chats can be encrypted. Commonly lots of things are encrypted in our everyday use of the Internet that we aren’t really aware of because they happen without our really being aware of it.

Do I have to pay for data encryption?

There are free encryption tools available as well as paid ones. The free options usually just provide the tools to encrypt your files and the paid services are usually part of a larger service such as cloud storage although even some of these offer free encryption. When it comes to securing and encrypting your data there are a few tools & services you can use right away.

One of the easiest to start using is Sync. Sync offers end-to-end encryption and 5GB of storage at no cost which makes it an ideal replacement for services like Dropbox who only provide encryption once your files reach their servers which enables them to scan your files for copyright materials and such before they encrypt it.

Having access to your personal information is like gold these days

It’s called targeted advertising, it’s everywhere you look, the more information companies have got about you the more valuable you are to them. The more they know about your life, where you live, jobs, health, finances, relationships, family members, spending habits, browsing habits, the type of files you store the more they are able to influence what you see and do online.

Companies pay big for access to this information because the more they are able to know the more effective their advertising campaigns are as they are paying to promote goods & services to people they already know can afford them, have used them previously, have been searching for them in the past, are known to make large or frequent purchases. Afterall, there’s little point in a company just blowing huge advertising budgets advertising to absolutely everybody, they don’t want people who are unlikely to purchase or use their services clicking on their efforts and costing them money. Each time an advert is clicked it can cost these companies anything from $5-$50 and more in some cases.

Using a Cloud storage provider that scans the content you have in your cloud storage is one of the ways data like this is collected. Oh but you don’t agree with this? Did you happen to read their privacy policy before you started using their service? If not don’t feel bad, most people don’t and as a result simply aren’t aware of what they are agreeing to.

On the more criminal side of things, hackers are searching for not only card credit details but your medical data as it is even more valuable to them. Do you store copies of your medical file on your computer? Do you use any online services to access your medical file? It goes without saying that services like these shouldn’t be set to auto sign in and your medical data should be encrypted if you’re storing copies of it. This goes for Bank & other financial statements, I.D documents, Certificates, Private photos & videos you wouldn’t want released online or in the hands of criminals.

If my mobile phone or laptop/desktop gets stolen, how can I keep my data safe?

There are 5 billion mobile phone users Worldwide, In the UK alone in 2017 there were over 450,000 mobile phones stolen! To get around phones being locked with pin codes or needing a fingerprint to unlock, Thieves are getting ever more crafty & skilled at stealing them and snatch them from the unsuspecting owners hands when they unlocked and the user is completely off guard. To make matters worse more than 30% of people don’t even employ basic security features such as a pin code or an unlock screen on their devices! If somebody is willing to steal your phone you can bet they are willing to do malicious things with the data contained on it.

This of course isn’t the only way to obtain data from your device. How many apps have you installed that requested access to your contacts, photos, sd card etc? Can you trust every app you install? Historically we know we can’t with rogue apps only being exposed weeks or months after setting up shop. With such easy access to all our personal data you need to be proactive and store the most sensitive aspects under lock & key. It’s time to start encrypting.

One way to do this is by using a vault. An encrypted Vault is a folder where you place the files you want encrypted into and then those files are scrambled using a key that only you know. When you wish you access your files you enter the key. pCloud offers an encrypted vault which locks automatically after a chosen duration or when you change the screen to a different app. Without the key no thief is going to be able to view your most valuable data and your data remains safe. Another service that provides this is Sync, Sync also features Remote device lockout.

Using a vault works the same way, whether on your phone, laptop or desktop. You have a secure folder to store your most personal data and it is scrambled with a key that only you hold.

On your computers, it isn’t difficult for anybody to come along and boot up your computer using nothing more than a readily available Linux distribution on a usb stick, plug it into your computer and copy whatever they want from your hard drive. They don’t need your login password. If they were to copy your Encrypted Vault it wouldn’t be of any use to them without the key so your private data contained within it would remain safe.

You are at risk from other people’s data breaches

Without your data being encrypted by you where only you have the key to decrypt it the information you have stored in the cloud is wide open to being stolen should there be any data leaks & breaches. Companies are under constant attack from cyber criminals looking for gold (ie your data) that they can sell on in bulk on the dark web which is why it’s always wise to be diligent and look into how the data is protected for any services you have personal information and data stored with.

In 2014 Yahoo admitted that they suffered a major data breach, 1bn user accounts were compromised in August 2013, making it the largest such breach in history. Yahoo blamed this breach on hackers working on behalf of a government. Look into a company’s past and see if they’ve had breaches and see what they’ve done to prevent further ones before you decide to use them.

Is there anything else I should be concerned about?

In the past I’ve had to email scanned documents as proof of identity (Driving licence, Passport, Birth certificate), this process always left me cold because I don’t know who had access to them or where those scanned documents are now as the companies I sent them to are either closed or were bought by another company or I stopped using the service. Have they been deleted? Are they sitting on a computer still? Are they encrypted? Are they safe? There needs to be more done in situations like these to ensure that once the proof has been processed the data is destroyed. I would advise against sending scans of all your I.D to any site unless you are certain of how that data will be handled.

Of the sites I sent mine to, bearing in mind this was over 10 years ago. One was a prepaid mastercard and another was an online casino before they would pay my winnings. I’m far more careful with my personal data now. If you no longer use a service and it’s been a while it’s sensible to return to it and close that account or just remove things like payment details as your odds of running into issues increases with every site you leave your card details sitting on.

How much do I need to Encrypt?

The more the better! It doesn’t matter which way your data ends up being exposed, the end result is the same, your data is exposed. Putting safeguards in place so that if your data does get exposed you know you are protected regardless of who or what is responsible. Be proactive and diligent when it comes to your privacy and private data.

Think others would like this? Share this page