Organizations continue to be plagued by data breaches, and data is leaking from our enterprises in large quantities. However, data leakage is not the only issue. The problems — namely, regulatory fines, brand damage and lost revenue — begin when sensitive data that is readable and accessible falls into the wrong hands. Despite these concerns, security professionals can rest assured that there is a way to immediately stop the madness: Use data encryption.

Data encryption has existed for thousands of years. During all those centuries, the use of encryption has adapted and grown to meet various needs. Back in the day, simple substitution ciphers or scytales worked great, but today’s environment demands methods more rigorous than block encryption.

Stocking Your Data Encryption Toolbox

Just as wizards of technology do not rest on their laurels with a single spell or potion, is it not a good idea to only have one type of encryption in your tool set. Those wizards excel by having a rich set of technologies to choose from, and the skills to use them in a dynamic and challenging world.

There is no doubt that encryption and key management algorithms must be publicly vetted to ensure their strength. However, the application of those algorithms must also be flexible enough to meet organizations’ needs. For example, we all know what a Social Security number (SSN) looks like: It consists of three numeric digits, followed by two digits, and then another four (i.e., 111-22-3333). If we were to encrypt that data, we might end up with a string of numbers, letters and special characters that would prevent an intruder from recovering the SSN, but it could break many applications and databases that process data without maintaining the well-defined format of an SSN. This principle also applies to encrypting names, phone numbers and email addresses.

Fundamental Encryption Techniques

If we cannot encrypt this data, how can we keep it secure? With the right set of capabilities, you can protect specific types of data using the same cryptographic principles in a way that does not interfere with business applications. This enables you to employ one of the following three fundamental encryption techniques.

  • Format-preserving encryption allows data to be truly encrypted but maintain the same format as the original data set. The process takes a little longer because the enciphered data needs to retain formats.
  • Tokenization has no relationship at all to the original data. The token is a replacement for the original data, but is not derived from it. The only way to reverse tokenized data is to look up what the original data was using the token.
  • Redaction is a method in which many characters are replaced with the same letter. For example, a credit card number may by represented by an asterisk, save for the last four digits. You cannot recover the credit card number from a figure such as “**** **** **** 1234,” but you can have high level of confidence that you are comparing the correct card number by cross-referencing the last four digits.

Encryption, tokenization and redaction are just three options for obfuscating data. Remember that any good encipherment or encoding approach must follow the basic tenants of cryptography. That means knowing the algorithm should offer no advantage in decoding or deciphering data. The only way you should be able to decipher the data is by having access to the decryption key.

An Easy and Effective Data Protection Strategy

While it’s crucial for data in new sources and technology platforms to be protected and encrypted, legacy systems frequently contain large quantities of important, valuable data that still need protection. Using cryptographic tools, including file and database encryption, tokenization and Teradata encryption, allows organizations to protect data flexibly while supporting the full technology environment.

Think of data encryption as an easy way to protect data from misuse. By using it, you can get terrific results without having to work as hard as those technology wizards.

IBM Announces New Guardium Data Encryption v3.0 Portfolio

More from Data Protection

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…

Six Ways to Secure Your Organization on a Smaller Budget

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats with fewer resources — both human and technical. Cobalt’s 2022 The State of Pentesting Report found that 90% of short-staffed teams are struggling to monitor…

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…