What is Data Encryption
Data encryption is a security method where information appears scrambled or encoded and can only be decrypted by a user with the correct encryption keys.
How is Encryption Used
Encryption is used first and foremost as a deterrent, but it is also a very important line of defense against malicious and negligent parties, because it makes encrypted data very difficult to use. Encryption can be applied to all kinds of data, from documents (unstructured data) to databases (structured data), and from classified government intel to personal credit card transactions.
Symmetric and Asymmetric Encryption
Encryption can be applied in two different forms: with a symmetric key or with an asymmetric key. A symmetric key, also known as a secret key, uses one key to both encrypt and decrypt the data. This is best for one-on-one information sharing or for small data sets. Asymmetric encryption, also known as public key encryption, uses two linked keys, one private and the other public. The public key is used to encrypt and can be used by anyone. The private key, as the name suggests, is kept private and used to decrypt.
Compliance Requirements for Data Encryption
A Word of Caution on Data Encryption
As mentioned above, data encryption is a great deterrent against malicious and negligent parties, but if your privileged users' credentials are compromised, chances are the private keys used to decrypt may also be compromised. This is why implementing encryption may not be enough to protect your sensitive data. Implementing data access controls and monitoring privileged users (system admins and DBAs), as well as the service accounts that have access to your data, is strongly encouraged. Check out our Solutions page on Data Security and Cloud Database Security to understand the holistic approach to data security.