Decryption is the process of transforming ciphertext into its original plaintext. This is done through a decryption process. Decryption transforms ciphertext into plaintext for an authorized user, in possession of the decryption key, allowing them to easily read and understand the data or information in front of them. Decryption always hinges on the recipient of ciphertext having a decryption key. In the simplest implementations, letter transpositions were used. For example shift every letter of the alphabet forward three turns “Hello” into “Khoor.”
The main motivation for implementing an encryption-decryption system is privacy. As information travels over the Internet, it becomes subject to access from unauthorized individuals or organizations. As a result, data is encrypted to reduce data loss and theft. Some of the common items that are encrypted include email messages, text files, images, user data, and directories. The person in charge of decryption receives a prompt or window in which a password may be entered to access encrypted information.
What Does This Mean For My SMB?
Encryption and Cryptography are important to an SMB in order to protect the confidentiality of critical and sensitive information. SMB’s may fall under legislative controls such as HIPAA or PCI which require specific forms of data (Health Records, Credit Card PAN information) to be protected from disclosure (protect confidentiality).
The best strategy for SMB’s to deal with such requirements is NOT to have such data in their possession. For example, PCI compliance obligations can often be avoided by partnering with online Web Services that perform the Credit Authorization outside of your website or store and simply provide the SMB an authorization code back. However, in cases where an SMB must collect and store such critical and sensitive data, then AES encryption is your friend and should be used. Just be sure to protect the decryption keys.
Additionally, encryption can turn a lost device event into a financial loss, but not a Cybersecurity Breach by encrypting laptops with Microsoft BitLocker or Apple FileVault. Since Key Management can be an issue, be certain you have a program in place to store the decryption keys in a secure place and not on the devices that are encrypted themselves.
SMB PROTECTIONS BEYOND Encryption
CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:
- Adopt a password manager for better personal/work password hygiene
- Require two-factor authentication on any SaaS solution or critical accounts
- Require 14+ character Passwords in your Governance Policies
- Train employees to spot and avoid email-based phishing attacks
- Check that employees can spot and avoid phishing emails by testing them
- Backup data using the 3-2-1 method
- Incorporate the Principle of Least Privilege
- Perform a risk assessment every two to three years
If you would like more information on this topic, watch this short video:
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’. Sign up for the monthly newsletter to help CyberHoot with their mission of making the world ‘More Aware and More Secure!’