Data Encryption
Stop Cyber Criminals From Intercepting Your Data
Encryption is a difficult concept to grasp, but it’s a necessary part of protecting your dealership's sensitive data. Unencrypted information, like this webpage you’re currently reading, is written in “plaintext.” At a basic level, encryption is the process of scrambling this plaintext into what is called ciphertext to render it unreadable to unauthorized users. You can encrypt individual files, folders, volumes or entire disks within a computer, as well as USB flash drives, and files stored in the cloud. An encryption key is needed to convert plaintext to ciphertext, and more importantly vice versa to convert ciphertext to plaintext.
The purpose encryption is to protect data stored on a computer or network storage system or data that is shared external to your network. To be in compliance with the Safeguards Rule, all dealerships that collect personally identifiable information (PII) like names, birthdates, Social Security numbers and financial information must secure that data. Your dealership can also be sued if a computer containing PII is stolen and the information is leaked or shared.
Data At Rest Versus In Transit
When data is stored on a hard drive or on a server, it is considered data "at rest". When data is sent for tasks such as email or over the internet, it becomes data "in transit", or data in motion. Historically, data at rest was the target of breaches so techniques like full-disk encryption and file-level encryption were used to protect the data in the equivalent of a fortress, often with the protection of a firewall. Data in transit continues to grow in parallel with the explosion of mobile devices, the internet of things (IoT), 5G networks and hybrid multi-cloud environments (where some data is stored on premises and some in the cloud). As a result, it has been a growing target of cybercriminals and poses greater challenges to securing it.
Data At Rest Encryption Process
Data In Transit Encryption Process
