Opinion: Keeping encrypted data encrypted

Do not use the same encryption key to encrypt all your data

The push to encrypt all data stored to mobile corporate storage devices is on. Laptops, desktops, thumb drives, disk and tape cartridges -- you name it, there is a product out there that can encrypt data stored to it. But to keep encrypted data encrypted requires that users take some additional precautions. Here are a few tips to help you do that.

  • Use complex passwords as encryption keys. The effectiveness of an encryption algorithm is only as good as the encryption key used to encrypt the data. A 256-bit AES encryption algorithm becomes very hackable if you use your middle name as the encryption key.
  • Do not use the same encryption key to encrypt all your data. Once you come up with a great 25-character password that is a mixture of letters, numbers and special characters, avoid the temptation to use it to encrypt all your data all of the time. Minimally change it monthly or, in extreme cases, every day.
  • Never, ever share your encryption keys. Encryption keys are the keys to decrypting your corporate data. Establish policies as to who should access these keys and under what circumstances, and institute severe penalties for violation of these procedures. Compromised policies mean compromised data.
  • Use a third-party product to generate and manage encryption keys. The only thing worse than a hacker decrypting your data is finding out you can't decrypt your own data because you can't find or don't know which keys go with which data. Third-party encryption key software minimizes this possibility by generating and managing the encryption keys.

Encryption does not secure your data, it only makes it harder to read. Making it impossible to read depends upon your company implementing sound encryption key generation and management practices and then sticking to them.

Jerome Wendt is the president and lead analyst at DCIG Inc. He may be reached at jerome.wendt@att.net.

Copyright © 2007 IDG Communications, Inc.

8 simple ways to clean data with Excel
  
Shop Tech Products at Amazon