Now that businesses have embraced the internet whole-heartedly, sharing information across public internet connection is inherently risky, as there’s always a chance that a nefarious hacker could intercept the information and glean your business-critical confidential information!
Thankfully, as the technology that allows us to connect over long distances as evolved, as have the ways that we can protect that information from being read, even if it is intercepted!
So, if you’ve ever had a leak, hack – or just want to keep your information yours – keep on reading and we’ll go through some of the more common methods of securing your data transfers.
In a nutshell, encryption simply means translating a message into an unreadable code, which can then be deciphered when the information reaches its destination, using a ‘decryption key’ that matches the ‘encryption key’ that was used originally.
To make it super-clear, here’s a step-by-step of the process:
Let’s say we wanted to securely transfer the sentence ‘The quick brown fox jumps over the lazy dog’…
In this example, we’ll use a simple encryption key, also known as a cypher, that will alter each letter of the message to the next (A becomes B, B becomes C etc.).
The quick brown fox jumps over the lazy dog = Uif rvjdl cspxo gpy kvfs uif mbaz eph
We’d also need to make sure the person receiving the code knew the code too, so they could decipher it once received. And as you can see, the encrypted text is now unrecognisable and unreadable. Or is it?
While this may be fine for swapping messages at primary school, any cryptographic program or cryptographer worth their salt could break such a simple code in seconds!
Thankfully, our computers can handle much more complex algorithms, encrypted several times over, to mask the initial data. This type of encryption is regularly used in the working world to securely transfer data with one of the most widely used called AES, or Advanced Encryption Standard.
Encrypting our previous example using AES, we would need a password that would be shared between sender and recipient, as the password affects the resulting message. If we choose ‘BDR’ as our password; the original message becomes:
Now this is unreadable… Not only to humans, but depending on the specific algorithm used, AES encryption could take millions of years for even the most advanced computers to decode!
Even within AES encryption, there are variations in the complexity of the encryption. AES 128, which is the specific key we used above, re-encrypts the data 10 times before producing the end result – even the US Government use AES-128 for Classified information up to ‘Secret’ level! For even more sensitive information, there are 192-bit and 256-bit keys that process the data 12 or 14 times for increased protection.
Virtual Private Network (VPN)
A VPN, or Virtual Private Network, is a software solution that also increases the security of your data transfers.
It works by creating an encrypted data tunnel between your local network and an exit node at the server that you’re connecting to. Just like above, where we encrypted the file itself, a VPN encrypts the data within the file alongside all the other internet traffic that travels from A to B, with the VPN’s server acting as a middleman.
Because of the encryption and routing through the VPN’s servers, your internet service provider can’t see what you’re doing online, your IP address or your actual location!
However, it’s not as simple as downloading one of the many VPNs that have been heavily promoted over the last couple of years. VPNs also change your IP address – which may be useful if you want to see what’s different on the American Netflix – but it’s not so great when you’re using it for business.
While this may not seem a huge issue, many operations will already prevent external access from IP addresses that they don’t recognise. This means that if an employee creates their own VPN and tries to connect to the central file server, there’s a good chance that the existing security platform would prevent access and alert a member of the IT team to a ‘suspected attack’.
The effects of this are obvious – time wasted investigating the issue that could be better spent on real threats. But there are other benefits. VPNs are great at blocking annoying pop-ups and website trackers, which means less chance of employees falling foul of a fraudulent advert that’s actually a phishing scam!
That’s why we’d only recommend a VPN if it’s owned by the business and managed by a central team, either internally or outsourced to 3rd party experts.
Managed File Transfer (MFT)
Our next acronym stands for Managed File Transfer, and MFTs were created from the ground-up specifically for this challenge… Hallelujah!
Just like VPNs, there are many competing services and technologies but in essence, these platforms reliably exchange electronic data between systems in a more secure way. And because MFT platforms were designed specifically for secure data transfers, most include far more functionality and oversight than our previous solutions.
Admins can check on the status of transfers in near-real-time and can quickly limit or approve the types, locations and sizes of files that staff want to move. Depending on the specific platform, the experience can be incredibly simple for staff too, with easy-to-use apps and simple drag-and-drop functionality.
If the business is regularly moving critically important files and needs the highest levels of compliance, we’d certainly recommend exploring the companies that provide MFT platforms, or speaking to an expert like BDR, to quickly uncover the right system for your needs!
If you’re working with other businesses and need a level of security that guarantees files won’t get intercepted, then a decent VPN will do the job nicely. As would an encrypted file – as long as people on both ends of the transfer know the decryption key!
And we haven’t spoken about physical data transfers like back-up tapes, which are a great way to secure data, given it’s on physical media that can be silloed from internet connections.
No matter the technology you’re exploring, there’s no point investing in a solution until you know it works!
BDR Group has supported thousands of businesses since it was founded in 1991, with the experience to recommend, deploy and manage the right solution for your specific operation. So, get in touch on 0800 975 3000 to start on your journey to a more secure future!