Over the past few years, there have been numerous cases of stolen data from companies. Everything from credit card companies to hospitals have lost the personal data of people. I myself had my credit card data lost, because an employee had account numbers, credit card numbers, and Name on a stolen company laptop.
After so many years of this happening, I wonder “Why isn’t this data encrypted?”
There are many ways that this can be accomplished. Many companies use hardware encryption, but some criticize it for the use of keys as small as 40 bits. There are many advantages to hardware encryption such as the speed that it can encrypt the data. Also, all the data is encrypted on the drive itself so it places little load on the processor. Because of this, real time encryption and decryption is very quick.
Another way to handle your encryption need is with software encryption. This is done with a program and mounts an encrypted drive image you want your data to be stored on. It can be an entire drive or just a portion of the drive. Some of the disadvantages of software encryption is that it places a load on the processor to do real time encryption. Depending on the speed of your processor, your memory, and the speed of your hard drive, the encryption can take more time than you want. The advantages to software encryption are that you can create hidden encrypted drives or even hidden encrypted drives, within hidden encrypted drives. They also get to choose your encryption algorithm you wish to use for your encrypted drive.
With these two options, I do not understand why companies do not encrypt sensitive data. So much data can be carried on a USB stick that it could potentially compromise thousands of people. If that data is encrypted, then the risk is greatly lowered. With it unencrypted, there is no protection from having your customers’ information from being compromised if it is lost.