By Melissa Rudy
Updated: June 01, 2012


As a society, we've come to rely heavily on the Internet. Businesses carry out transactions through email and file sharing services, and consumers purchase products and services from millions of e-commerce websites. People shop, bank, connect with family and friends, and share all sorts of personal information online.

How is this endless stream of private, sensitive data protected from prying eyes? In many cases, it's through the use of encryption—the practice of rearranging data to render it incomprehensible for anyone who doesn't have the right “key,” which is usually either a password or a digital packet called a keyfile.

SSL: The online encryption standard

Have you ever visited a website and received a warning about the “security certificate”? Typically, these error messages will say cryptic, ominous things like the security certificate is expired or not valid, or not from a trusted certifying authority. The messages often give you the option to “view the certificate”—but this isn't helpful if you have no idea what certificate they're talking about, or why it matters.

This type of warning refers to an SSL certificate. SSL, short for secure socket layer, is the encryption standard for websites that handle sensitive information like home addresses, phone numbers, and credit card data. The certificate serves as the website's stamp of approval that the information is protected.

How does SSL work?

The secure socket layer is a private communication channel. Data is encrypted, or scrambled, and sealed away from view before being sent through the Internet. The process is similar to sending mail in an envelope—except the envelope can only be opened by the intended recipient who has the right key.

SSL certificates are issued with two keys: a private key and a public key. The public key is displayed in the certificate, and is used to encrypt data. You can view a secure website's SSL certificate and public key by clicking on the lock icon in the lower right-hand corner of the screen.

The private key unscrambles the encryption and allows the information to be read. This key is known only by the certificate holder, so they can safely process customer data. Fortunately, casual Internet users have no need to decipher the underlying mechanisms and protocols of SSL encryption. As long as you're dealing with a valid SSL certificate, your information is safe.

Personal encryption: Do you need it?

While encryption is common and necessary for businesses that function using the Internet, there are many uses for encryption outside of corporations and web entities. Personal data encryption has become a standard and useful practice for many different applications, especially with the rise of portable devices.

Whether you store sensitive information on a desktop, laptop, mobile phone, tablet, or PDA, using data encryption can help guard against disaster. Portable device theft is an unfortunately frequent occurrence—so it's a good idea to make sure that if your phone or laptop is stolen, the thief won't also gain access to your accounts.

How to encrypt your data

There are many different methods and standards that can be used to encrypt data, from simple to complex. To protect personal devices and accounts, the basic methods are usually sufficient. It takes a lot of effort for unauthorized users to crack encrypted data—unless you're a large corporation with thousands of credit card numbers stored in your data banks, most malicious attackers won't bother trying.

Here are some common, simple encryption methods you can use to keep your information safe.

  • Email. If you send sensitive information through your email accounts, you can use software to encrypt your messages. GnuPG is a free email encryption program that works with most hardware platforms and operating systems, and installation is fairly straightforward.
  • Hard drive. While you can encrypt your entire hard drive, it's generally not a good idea. Encryption relies on passwords, which can be lost or forgotten—and without the right password, encrypted files can never be recovered. Instead, you should select the essential files you need to protect. Both Windows and Mac operating systems support native encryption, so you won't need to use additional software.
  • Laptops. There are several encryption software products that will protect the data on your laptop in the event of theft. A few examples are CyberAngel and PGP Whole Disk Encryption (from Symantec, creators of Norton Antivirus). You can also use native operating system encryption to protect certain files.
  • Mobile devices. As with laptops, you can install encryption software on your smart phone, PDA, or tablet PC to protect your data in the event of theft. Some mobile platforms include SecurStar, WMKits, and Lockbox.

Encryption tips: Passwords and backups

Creating a strong password for your encrypted data is an essential step for protection. Like passwords for your online accounts, you shouldn't use common words or phrases alone. Instead, use a combination of letters and numbers, including some capitals, and make sure the password for your encrypted data is unique—in other words, don't use your email password for your encryption software.

It's also essential to back up any data you encrypt. Remember, if you lose your password, you won't be able to recover the encrypted information. Keep backed up files in a safe location, separate from your encrypted device.

By following these precautions, you can keep your personal information secure, even on mobile devices, through the power of encryption.

Related Categories
Featured Research
  • Enterprise Security Software Roundup 2019

    According to Juniper Research, cybercrime is estimated to cost businesses $2 Trillion in 2019. Your business needs strong security measures in place. The most robust security software available on the market is Enterprise Security, which is a full-spectrum suite of tools that are designed to cover all the important security needs of a company, in one system. Check out our recent whitepaper to learn more about protecting your business against cybercrime and see who's leading the Enterprise Security industry. more

  • Cybersecurity in the Banking Industry

    Cyber breaches have been rampant lately, but the banking sector is most vulnerable owing to its primary responsibility of safeguarding money. This whitepaper therefore features a list of precautions that banks can take, along with comprehensive software recommendations to maximize security. more

  • Business Security Software Roundup 2018

    Owing to growing concerns of cybersecurity by companies both big and small, the software market is abundant with solutions promising to protect your valuable data and networks. Which one's right for you? This whitepaper helps answer the question! more

  • Office365 Adoption eGuide

    Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more

  • Okta Directory Integration

    For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more