Data Encryption
Summary: Encryption software for those who need to protect sensitive or restricted data.
Encryption
Encryption is the process of concealing data by using a code. After encryption, the code used
during encryption must be known in order to read or use the concealed data; recovering the data with
that code is called decryption. Encryption and decryption are used to allow access to data only to
those who have the code. To those who do not have the code, the data is unusable.
In computing, encryption is primarily used to protect data in one of two instances. The first is
to protect data at rest. The second is to protect data in motion. An example of data at rest is a
spreadsheet with data located on the hard drive of a desktop or laptop computer. An example of data
in motion is using a web browser to get data from a remote server.
Data Types
The following are some common types of data that can be encrypted. The first list covers
types of data at rest, while the second covers data in motion.
Data at rest
- Individual files and folders
  Many free and commercial products are designed explicitly for the purpose of encrypting specific
  files and folders of data as determined by the user.
- Partitions or Volumes
  Some products are designed to encrypt all of the data on an entire partition or volume,
  requiring little interaction from the user.
- Entire Physical Disks
  Some manufacturers are producing hard drives with encryption built in, to allow for the encryption
  of all data on the disk.
Data in motion
- Secure shell (ssh)
  SSH encrypts all data between two SSH-enabled computers.
- Web traffic (https)
  Most web browsers support https for exchanging sensitive data between the client and host when
  necessary.
- Instant Messaging
  Several instant messaging clients support plugins that allow for the encryption of all messages
  sent between parties via instant messaging.
- Email
  Some email clients support plugins that allow for the transmission of encrypted email messages sent
  between parties via SMTP.
Here are some common tools that can be used to encrypt data. Some of the tools are commercial while
others are free. Also, listed with each tool are the types of data the tool is designed to encrypt, as
well as information about whether the tool is designed to protect data in motion or data at rest.
Encryption Tools for Data at rest
- TrueCrypt
  Free, open source software for encryption of volumes or folders. Great for individuals, small work groups, and portable media.
- CheckPoint
  Commercial software for encryption of volumes and removable media. UC has a purchasing agreement in place.
Encryption Tools for Data in motion
- Off-the-Record Messaging (OTR)
  OTR encrypts all data between two instant messaging clients, if the clients support the OTR plugin.
- GNU Privacy Guard (GnuPG)
  Free software that is a complete cryptographic system for a variety of encryption uses.
- EnigMail
  Enigmail is a plugin for Mozilla email clients (including Thunderbird). It uses GnuPG for sending and receiving encrypted and digitally signed email.