Cryptography – Encryption
Encryption, a technique in cryptography, enables the scrambling of human-readable data into ciphertext, which comprises random characters that cannot be comprehended plainly. The possession of the right decryption key is fundamental to restoring the random symbols to human-understandable data. In an era of technological revolution, this technique possesses an array of benefits. Firstly, encryption protects the privacy of sensitive information. Cybercriminals are on the loose and target a variety of personal data, thereby posing a privacy threat to online details such as emails, tax return details and even personal photos. Moreover, governments may also be involved in the interception of sensitive information, citing security, which also violates privacy (Severson, 2017). Therefore, encryption ensures no unauthorized party can interpret information; hence, only the intended sender and recipient access the actual data.
Encryption also enhances the security of online information. The outbreak of COVID 19 has ensured most transactions are done digitally, thus heightening data breaches and hacking, which amounts to cybercrime. Moreover, malicious hacking has also been associated with blackmail as cybercriminals may force one to pay ransom to prevent their information from being leaked online. Additionally, hard devices containing sensitive information may also be intercepted, thus providing a security threat to the software information. This evidences the fundamentality of encryption as it ensures in the above circumstances, only random symbols are accessed while the actual data is kept safe.
Encryption also ensures data integrity. When data is shared online, the possibility of on-path malicious activities reduces the integrity of the information. Therefore, by providing a stable encryption algorithm, the parties involved can be assured of the data’s non-tampered condition. Moreover, when an individual is accessing online information, the provision of encryption details also authenticates the source and condition of the data. Lastly, because of the multiple benefits attached to the idea, many regulations are put in place to require online stakeholders and companies to encrypt their data. An example of such regulation is the Health Insurance Portability and Accountability Act (HIPPA), which requires healthcare providers to encrypt patient data, thereby enabling them to enjoy the above benefits.
Role on the PSC network and satellite offices
Encryption will allow for secure messaging. By applying end-to-end encryption codes, the central office can communicate with the satellite offices and vice-versa while preventing information leaks to third parties (Jan et al., 2019). Furthermore, through encrypted sessions protected by a master key that is auto-generated using communicating parties’ public keys, the credibility of information shared during communication in the PSC corporate network cannot be decrypted after a session expires; thus, the data is secured.
It will also allow for secure web browsing. Employees in the offices will have to log into web-based networks, therefore necessitating TLS that ensures encrypted connection. This allows for the corporate to secure the browsing sessions.
Encryption also allows the corporate network to conceptualize Virtual Private Networks. This provides for a coded connection between a user and the original site. In addition, this allows for data transmission between the central office and satellite offices all over the world.
Lastly, it will also play a role in the use of passwords to lock various clearance levels within the network. Information is protected by an encrypted firewall that only allows those with the required password of print patterns to access the encrypted information.
Security problems addressed
Data loss is enabled by traffic visibility. Most Data Loss Protection (DLP) devices allow for exfiltration through SSL traffic (Schlicher et al., 2016). The encryption solution exposes situations of potential loss during data movement, thus minimizing the risk of leaks and enhancing the privacy of information in line with several administrative regulations.
Incomplete analysis of malicious threats. The encryption solution allows for threat analysis through an enhanced malware detection, thus addressing incomplete sandboxing.
Blind spots that allow occasional security attacks. Some threats may arise from within the organization, thus creating dangerous blind spots. However, the solution identifies all the threats in advance and eliminates them.
Weak networks that allow for sophisticated attacks. Encryption complicates the monitoring and detection of advanced breaches. However, the solution conducts analysis based on predictive behaviour to determine compromised network assets, thus giving prompt responses to suspicious network trends.
Compliance with stringent privacy regulations. With increased security concerns, there is a need to siphon malicious activities while allowing authentic traffic flow selectively, thus complying with the laws while ensuring continuity of data protection.
Downsides of using encryption
Encryption increases the risk of losing vital information. Since encrypted data is protected by a specific key, once that key is lost or forgotten, the decryption of the data is impossible. Therefore in cases where the encryption key is complicated and cannot be recovered, the data associated with it is consequently lost, which may be costly to the company. This births the second issue, which is unrealistic restraints by the data encryption technology, which may not be effectively comprehended by the company, thus creating events of encryption security vulnerability.
Another issue encountered is developing a false sense of security once encryption is conceptualized in the organization. The basic necessity of encryption is safety; therefore, once a key is used that makes it difficult for unintended parties to crack and access the information, then the purpose is said to be fulfilled. However, brute force and advanced hacking may eventually enable third parties to access the information through decryption (Hasan et al., 2021). Therefore, it is fatal to depend on encryption to keep vital information through encryption as the comfort of security may deter one from seeing such situations of hacking.
References
Hasan, H. A. A., Mohammed, S. M., & Ameer, N. H. A. (2021). Advanced Encryption Standard Using FPGA Overnetwork. EUREKA: Physics and Engineering,(1), 32-39.
Jan, M. A., Zhang, W., Usman, M., Tan, Z., Khan, F., & Luo, E. (2019). SmartEdge: An end-to-end encryption framework for an edge-enabled smart city application. Journal of Network and Computer Applications, 137, 1-10.
Schlicher, B. G., MacIntyre, L. P., & Abercrombie, R. K. (2016, January). Towards reducing the data exfiltration surface for the insider threat. In 2016 49th Hawaii International Conference on System Sciences (HICSS) (pp. 2749-2758). IEEE.
Severson, D. (2017). The Encryption Debate in Europe. Hoover Institution Aegis Paper Series, (1702).
ORDER A PLAGIARISM-FREE PAPER HERE
We’ll write everything from scratch
Question
Cryptography was identified as one of the key security controls planned to improve PCS security. The cost of the hardware and software for these controls raised some additional concerns.
Based on your research for Unit 6, write a point paper:
• Explain the benefits of encryption.
• Explain the different ways encryption will play a role in the PCS corporate network and satellite offices.
• Give some examples of security problems that will be addressed by your encryption solutions.
• The CEO asked why we haven’t been using encryption all along if it is so easy. Other than hardware and software costs, provide a response to this question.
The requirements for your assignment are:
• 1-2 page APA paper excluding title and reference pages
• Provide at least two references and in-text citations in APA format
• College level writing