IT administrators managing the computer systems of businesses have to be aware of all the different threats that can cause havoc. Part of the process of creating security involves the encryption of information stored and transmitted by the company.
These data encryption terms describe some of the key aspects of keeping digital information safe.
The process of asymmetric encryption occurs when information is encrypted with one key and then decrypted by another key. In this case the sender encrypts the data using the receiver’s public key. The recipient then uses their own private key to decrypt the information.
This term refers to the quality of the data transmitted. Specifically, the amount of data lost or altered in transmission or the altering of the authentication during the data transaction.
When data is to be released upon the satisfactory completion of authentication conditions, the keys to data encryption may be held by a third party that releases the data only upon the successful completion of authentication requirements.
File-level encryption is a cryptographic technique, at both the hardware and software level, that locks away individual files or file folders within the hard drive. This protects the information held within the file or file folder. However, the metadata remains unencrypted, revealing data such as file size, number of files in a folder and the structure of the file directory.
HSM (Hardware Security Module)
Hardware devices that are dedicated to creating cryptographic keys while storing and protecting them are referred to as HSMs. They’re utilized in an effort to lock away important cryptographic information, thus increasing the security of data encryption.
Key Encrypting Keys
When adding an additional layer of security, keys encrypted with key algorithms that are symmetrical protects the original key. This is also called “key wrapping keys”.
Similar to a skeleton key for physical locks, the master key in cryptography refers to a key that can be used to create other keys that are used in a symmetrical fashion.
When information is both encrypted and decrypted using the same private key, both sides need to communicate the key on a separate channel of communication to unlock the information without risking the interception of both encrypted data and key.
When the entire hard drive is encrypted via software or hardware, the process is called whole-disk encryption. This prevents unauthorized users from obtaining any information whatsoever about the data within without the key, including number of files, operating system or the directory.