To Avoid Sony’s Embarrassing Fate, Companies Should Be Using Encryption
After a major security breach on Sony Entertainment’s computer networks, the production company has announced that it is pulling the Christmas-day release of its controversial film The Interview. The film is about two men (James Franco and Seth Rogan) sent to North Korea to kill the country’s leader and has been blamed for prompting the recent cyber attack on Sony. While this is by far one of the more serious instances of cybercrime the U.S. has seen this year, the past 12 months have been riddled with one major security breach after another. In response to this year’s sudden rise in cybercrime, many companies are taking steps to ensure that they are not the next victims of an attack by outside hackers. One of the most important ways companies can secure their data delivery services to keep their private information safe is with encryption.
What is Encryption?
Encryption is a method of disguising a data file so that it cannot be read by an unauthorized user. In order to secure their information, a person needs a secret key. This key both scrambles the information so that it is unreadable (encryption) and can be used to unscramble it in order to put the information back into a readable format (decryption). Any unintended recipient who happens to intercept the file would not be able to read the information, giving companies a greater security barrier against hackers.
There are two common data delivery services used by all types of companies: FTP servers and SFTP servers. FTP servers are the traditional method of transferring files between servers but does not secure shared files in any way. SFTP uses the method of encryption to secure file transfers and is therefore the better of the two data delivery services for lowering the risk of a security breach.
Symmetric vs Asymmetric Encryption
The two different types of encryption are symmetric and asymmetric. The difference between the two encryption methods is the number of keys used in the process of encrypting and decrypting files. Symmetric encryption uses a single, private key to both encrypt and decrypt information. This key is known by the person sending the file and must also be given to whoever is receiving the file in order to decrypt the message. The obvious problem here is that an unauthorized user could potentially intercept the key when it is being shared. Asymmetric encryption addresses this risk by using two related keys: One private key and one public key. The private key is never shared, while the public key is made available to the public. The two act as a pair, therefore information encrypted with one can only be decrypted by the matching key, adding an extra layer of security to data delivery services.
After Sony’s embarrassing security hack that ultimately resulted in them shelving a million-dollar movie, no company wants to take a chance with their network security. Encrypting file transfers provides greater security to data in motion to protect sensitive information and reduce the risk of a security breach.