Portfolio Project

Encryption article for an IT support company

The importance of encryption for GDPR

 GDPR (the General Data Protection Regulation) is now in force, and that means organisations have a legal requirement to protect personal information that they hold.

You must, for example, implement adequate security precautions to protect that data.

And if you have a data breach – say by a hacker accessing your systems – then you must inform the ICO (Information Commissioner’s Office) within 72 hours. You also have to inform everyone whose data is at risk.

Otherwise you could face a hefty fine.


The good news, though, is that if the data is encrypted then it’s considered secure. So you don’t have to inform anyone.


A particular risk is personal data held on a mobile device such as a laptop. If you have encryption, then the data is secure. If not and the laptop is lost or stolen, then you must disclose a data breach. That’s even if the laptop is password protected, because these days hackers can easily bypass the password.


So what is encryption?


Basically, it’s the process of converting digital information you can read (such as customer passwords and bank details) into a string of unintelligible characters. The only way you can make sense of the data is to convert it back to the readable form using an encryption key.


Without the encryption key, the data is meaningless.


Modern encryption technology uses powerful algorithms and is very robust – but it’s not expensive. You can actually get it for nothing. Windows Pro devices, for example, come with free encryption (BitLocker), as do Mac devices (FileVault). There’s also lots of free encryption software available online (e.g. VeraCrypt, AxCrypt, GNU Privacy Guard and 7-Zip).


The only problem with free encryption is if you lose or forget your encryption key. If that happens then you will be permanently locked out of your device, making it totally unusable. You may as well destroy it.

Centrally-managed encryption.


One way around that risk is to use a centrally-managed encryption solution such as ESET Endpoint Encryption. ESET is a global leader in encryption and cybersecurity, and has over 100 million users worldwide.


Here at IPS, we’re an authorised ESET reseller. We can manage your encryption for you and securely back up your keys. If a device is lost or stolen, we can remotely lock the encryption key to make the device unusable. The software also allows you to encrypt portable USBs and folders on your device.


So you can ensure the security of the personal data you hold.


Want to know more on encryption? Get in touch now

© 2012–2020 by David Bain / Write On Target