While there are only two main types of encryption, symmetric and asymmetric, many different algorithms are used to encrypt data using one of those types.

The various standards have been developed with different security needs in mind, some of which may be pertinent to your business. 

Advanced Encryption Standard (AES)

Established by the United States National Institute of Standards and Technology (NIST) in 2001, AES encryption is one of the most widely used algorithms globally. 

AES encryption uses three different block ciphers, all with a block length of 128 bits; their keys, however, are 128, 192, and 256 bits long. AES is a symmetric cipher, so it uses the same key for encryption and decryption. 

Data Encryption Standard (DES)

As far as encryption standards go, DES encryption is considered relatively low-level. In 1977, the U.S. government created this standard, but it’s become obsolete for protecting sensitive data due to advances in technology. It’s a symmetric cipher with a key length of only 56 bits. 

Triple DES

As the name implies, this encryption method simply runs DES encryption thrice. It’s a way to bolster the strength of the obsolete DES encryption. 

RSA

This is public-key encryption that’s typically used for securing data transmissions. The acronym comes from the surnames of the three computer scientists who created it: Ron Rivest, Adi Shamir, and Leonard Adleman. 

The National Institute of Standards and Technology (NIST) recommends that RSA encryption keys have a minimum of 2048 bits.

SSL/TLS Certificates

When you visit a website, most of the time you’ll see a padlock icon to the left of the URL.

This means that the website uses Secure Sockets Layer (SSL) encryption and has the certificate to prove it. Sites with SSL certificates will also have URLs that begin with “HTTPS://” rather than “HTTP://.”

The purpose of SSL is to maintain secure internet connections so that cybercriminals won’t be able to intercept, read, or modify data transferred between two systems – in this case, your computer and the server where the website is hosted. 

There have been multiple versions of SSL, in part because new versions were necessary to adapt to increasingly sophisticated attacks, and eventually, a new version was generated: Transport Layer Security (TLS). However, the SSL name stuck, so it’s still in use today.

Understanding “bits” in encryption

The potential strength of an encryption algorithm key is determined by its length, which in most cases is dependent on the length of the password used to create the key and the types and variety of characters it’s composed of.

For example, the password “1234” is 5 bits in length, while “123a” creates a key 12 bits in length, and “qwerty1234!” is 21 bits.

The more bits an encryption key has, the more secure it is, though that comes at the cost of ease of use (e.g., it’s harder to remember/input a longer, more complex password).

The commonly used AES encryption algorithm takes data in hexadecimal form and scrambles it several times to generate 128-bit, 192-bit, or 256-bit keys.

While 128-bit keys are quite strong, most government regulations require that 256-bit keys be used because they are essentially uncrackable.

Using data encryption to protect your business’s private data

Many individual users need little more than standalone encryption solutions to sufficiently secure their system and device data. Still, SMBs and larger organizations have to think about encryption with their entire IT security strategy in mind. 

A good encryption solution should integrate with your systems seamlessly so that it doesn’t take up much mental space, if any; you shouldn’t have to “enter a password” every single time you want to access encrypted data. Such solutions might secure data, but they’re a pain to use. 

If tackling data encryption seems too daunting to get a handle on, don’t worry. It doesn’t need to be something your organization handles on its own—the same goes for all your IT security needs. 

If you’re unsure which encryption solution is the right fit for your organization, don’t hesitate to reach out to us and inquire about our Managed IT Security Services.

We’ll take a comprehensive look at your current IT security and partner with you to pinpoint which solutions are best suited for your unique business situation.