Encryption

Encryption

Encrypt data at rest and in motion to ensure cyberattackers never gain access to your sensitive data or proprietary information.

Protect sensitive information from hackers and unauthorized users.

Meet compliance requirements.

Implement a multi-layered defense against threats.

Data Encryption Is Your Last Line of Defense Against Security Threats

Sophisticated cyberattacks are becoming more frequent every year, and the consequences can have a lasting effect on your organization. When you factor in the exposure of valuable intellectual property, customer lawsuits, and the long-term effects of negative publicity, a data breach can jeopardize the value of your business. But businesses that encrypt their sensitive data can greatly reduce their risks.

Data encryption is an additional layer of security that can greatly reduce the impact of a breach. Encryption ensures that any data accessed by unauthorized persons is unusable, protecting your most confidential assets including credit card numbers, PII data, PHI, and your company's intellectual property. This means no customer lawsuits, no PR crisis, and no danger of proprietary information falling into the wrong hands.

“As we transfer sensitive information across the internet, we’re having to deal with security and encryption more and more, and the products (Crypto Complete and GoAnywhere) are good, the documentation is very good, and they work.”

Programming Manager
Love’s Travel Stops and Country Stores

How Does Encryption Work?

Encryption uses algorithms to translate your information from plaintext into a secret code known as ciphertext, which is unusable by unauthorized users.

To return the information to a readable format (decryption), a person needs the proper key. With symmetric-key encryption, the same key is used to encrypt and decrypt the data. Asymmetric encryption uses two different keys: a public key and a private key. The public key can be shared with anyone to encrypt information, while the private one must be kept secret for decryption purposes.

Meeting SOX, HIPAA, and PCI DSS Requirements with Encryption

File encryption isn’t just a security control that’s “nice to have.” For many businesses, it’s a requirement, and the failure to encrypt data could lead to failed audits and fines.

The Payment Card Industry Data Security Standard (PCI DSS) was the first major security mandate to explicitly require encryption. To stay PCI compliant, businesses must encrypt credit cardholder data to ensure the data is unreadable in the event of a breach. This requirement applies to data at rest and in motion.

HIPAA—the U.S. law governing health insurance and healthcare information—requires electronically protected health information (ePHI) to be secured through encryption. This law applies to health insurance companies, hospitals, healthcare providers, and many other businesses operating in the healthcare industry.

Another U.S. federal law, Sarbanes-Oxley (SOX), applies to publicly traded companies and is designed to prevent fraud and ensure corporate accountability. While SOX doesn’t explicitly require encryption, encrypting your data is a highly effective way to prevent unauthorized parties—even your own users—from reading and changing data.

Safe harbor provisions are another compelling reason to encrypt your files. Today, nearly every state in the U.S. has a law requiring companies to notify customers if their data was exposed in a breach. These breach notifications can be time-consuming and costly, but most states also include a safe harbor for encrypted data. This means breach notifications are not required when the data affected was encrypted.

Should I Encrypt Data at Rest or in Transit? Or Both?

Data in transit, also known as data in motion, is data actively moving from one location to another, either across the internet, through a network, or from a local storage device to cloud storage. Data at rest is simply data that is stored on disk or other media.

Some security experts believe data in motion is most vulnerable, while others argue that data at rest is at greater risk. Attackers grow more sophisticated every day, so this data is at risk in both states. Ultimately, any business that needs to keep data private should be utilizing encryption wherever their confidential data is stored or transmitted. 

Compare Encryption Solutions

 

Encrypt Data at Rest

Encrypt Data in Motion

  Crypto Complete™ GoAnywhere®
Platform IBM i IBM i, AIX, Linux, Windows
Key Features
  • Automatic encryption of fields within IBM i database files
  • Automatic encryption of IFS files
  • Tokenization
  • Integrated key management with role-based administration
  • System alerts for key events
  • Secure, automate, and manage all file transfers through one interface
  • Create multi-step workflows to transfer, encrypt, and process files
  • Allow trading partners to securely connect and exchange files with your organization
  • Schedule file transfers to run at future dates and times
  • Audit all file transfer activity

 

Let's Talk About How We Can Help