I think the recent news about Whatapp has highlighted the subject of encryption for a number of people but do you know what it is and how it works?
What is Encryption?
In the simplest sense, encryption is taking a piece of information and changing it in some way that only the recipient can get it back in its original state and make sense of it.
How does it work?
The key to understanding encryption is to understand the key! It (typically) uses a combination of so called “Public” and “Private” secret keys that the sender and receiver both know – or at least the applications involved in the transmission know – to scramble data and then reverse the process to make it readable again. It previously came into the public eye with the battle between the FBI and Apple over gaining access to a suspects iphone where Apple refused to hand over the encryption key. This attracted lots of attention with people like Barack Obama and George Bush getting involved in the people’s privacy versus battling terrorism debate. In the end, the FBI managed to “gain access to the information” themselves so they must have some pretty smart people working for them!
You are already benefitting from the advantages offered by encryption to keep your data more secure although you may not even realise it. When you use websites with an address starting “HTTPS” the “S” part stands for secure and tells you any transmission between you and that site is encrypted – hence secured. This is generally indicated by the padlock symbol appearing to the left of the website address.
Furthermore, for Office 365 users you can email safely with the knowledge that your interaction with the Exchange server is fully encrypted as is the part of the process where those emails are sent on to other Office 365 users. Worth knowing though that if the recipient is not another 365 user, that part of the transmission is not encrypted.
Should I care?
I think the answer is, it depends. If you are very concerned about the integrity of your data and whether that data can be intercepted and used by other agencies – competitors etc, then, yes. You need to understand how the applications and systems you use manage your interactions, maybe even how your data is stored on the devices you use locally e.g. laptops / desktops / USB drives etc.