The bad guys use encryption because it works. A security expert explains how you can use one of their favourite tools against them.
Not all small businesses really understand encryption, according to Sophos encryption expert, and director of data protection product management, Anthony Merry.
The use of encryption by ransomware such as Locky and Cryptowall has brought a negative connotation to the technology, but "encryption is effective – that's why they use it," he said.
"I take the view that data is the new gold," said Merry. "At the end of the day it's all about money," and markets exist for various types of data.
The most common cause of data loss is malware, he said. Small businesses are unlikely to be specifically targeted, but some malware opportunistically steals data and "occasionally it will get lucky."
But making it easy to store data means it is easy to lose, and around a quarter of breaches occur when information is accidentally sent to the wrong person. The third most common cause is losing hardware, especially phones, tablets, notebooks and storage devices.
Merry points to the example of a small dairy company that 'lost' a spreadsheet that included its raw milk prices. One week later a competitor started a price war. It might have been a coincidence, but that anecdote shows that data protection is about competitiveness as well as compliance.
"Encryption is best when it is largely invisible," he said. Modern operating systems include full disk encryption (such as BitLocker on Windows and FileVault on OS X), which means data is encrypted as it is created.
The trick, he suggested, is making it easy to keep it encrypted as it moves around. He added that Sophos SafeGuard Encryption takes advantage of these built-in encryption capabilities along with individual file encryption to keep information protected while it moves around inside the organisation – with no change to the normal processes.
SafeGuard Encryption integrates with Sophos Endpoint Protection (security/antivirus) software to prevent decryption on malware-infected internal systems.
To share files externally, the product keeps them encrypted and delivers them in an HTML5 wrapper that allows a recipient that knows the password to view, edit and if necessary return them.