Encryption

July 12, 2022

As data breaches and cyber attacks make headlines with increasing frequency, businesses and consumers alike are looking for ways to better protect their data.
One way to do this is by encrypting data at rest, which is data that is not currently being used or accessed.

Benefits of encryption
Perhaps the most obvious is that it makes it much more difficult for unauthorized individuals to access the data, for example in case of a data breach.
Even if an attacker were to physically obtain the drive, they would not be able to read the data without the proper encryption key. This can be a helpful obstacle against criminals, as well as a way to protect data in the event that a device is lost or stolen.

Possibilities
There are a number of different ways to encrypt data at rest. This can be done at file level or entire drive level.

One popular method is to use full disk encryption, which encrypts the entire drive, including the operating system, all of the files, and the free space.
This is a very effective way to encrypt data, but it can also be time-consuming and resource-intensive.
Useful tools for this are Veracrypt, which is open source and free. A more business oriented environment could use Microsoft’s Bitlocker.
Another popular method is to use file-level encryption, which only encrypts individual files.
This can be a good option for businesses that only need to encrypt certain types of data, such as financial information or personal health information.
File-level encryption can also be less resource-intensive than full disk encryption.
This might also be a preferred approach in a Bring-Your-Own-Device cultured business where the endpoints are harder to manage.

Some useful strong tips while implementing

No matter which method of encryption you choose, it is important to make sure that you have a strong encryption key
This key should be sufficiently long and should be a mix of uppercase and lowercase letters, numbers, and symbols
It is also important to keep the encryption key safe and to never store it on the same device as the data that is being encrypted
TPM chips help with keeping a key safe, while not asking the end-user the encryption key every time it’s needed
When choosing a method of encryption, businesses should consider their needs and the resources that they have available.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-51190277-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
li_gc	5 months 27 days	No description

Encryption

This post was provided by our colleague: Sander Vanrapenbusch

Want to know more about this topic:

Contact us at hello@thesecurityfactory.be