Advice on when and how to encrypt can be found below:


How does encryption work?

Information (data) that is not encrypted is referred to as plain text. Encryption is the process where by information is converted into a non-readable format called cipher text, by using a complex mathematical formula and a unique key. The key is what unlocks the information, just as a key would unlock a door, and a common example of a key is a passcode or password.

Only people who have the key can decrypt and access the information, therefore to protect the encrypted information the key needs to be protected. Generally, encryption works in two ways: you can encrypt the information in transit (such as transmitting information online) or at rest (for example the information stored on your laptop).

Encrypting information in transit

Information that is not encrypted whilst in transit (e.g. online) is vulnerable to being intercepted or monitored. It is for this reason that users should ensure that private online communications such as online banking or making purchases are encrypted. The most common type of online encryption is HTTPS which encrypts all the traffic between your web browser and a website that you visit.

The image below shows the information provided when you hover a curser over a padlock icon (the padlock advises that this site is secure i.e. the connection to the server is encrypted).
















Encrypting information at rest

The main purpose of encryption at rest is to protect information from unauthorised access and a method called Full Disk Encryption (FDE) is used; this is generally considered to be the most secure method. This means that all the information on the disk is encrypted automatically and the user does not have to decide which information to encrypt. Selected  information files can also be encrypted prior to storing them on small portable storage media (USB, CD etc.), or within unsecured consumer cloud storage services (e.g. Dropbox).

A key point to bear in mind is that encryption is only as strong as your key (e.g. passcode or password). You need to protect your key; if someone guesses or compromises your key they will have access to your information.

See Also