Encryption and Hashing: Breaking Down Cybersecurity Buzzwords
October 19, 2017
October is National Cyber Security Month and our experts are breaking down what you need to know to keep your business safe from a cyberattack. While many of us would prefer to leave our online and device problems to the IT department, business owners have to face the fact that all of their employees are responsible for protecting company data and understanding how to do so successfully. So where do you start?
The first step is to understand what cybersecurity buzzwords mean and what you need to do about them. The two most common terms that are often misunderstood and used incorrectly are encryption and hashing.
Hashing is the transformation of a string of characters into a usually shorter fixed-length value that represents the original string. Hash algorithms can turn any amount of data into a set-length “fingerprint” that cannot be reversed. The best hash algorithms are created so that it is very difficult, and almost impossible, for someone without access to breach the account. Additionally, hashing provides a secure method for sorting key values in a database table in an efficient manner.
Encryption turns selected data into a series of unreadable characters, unlike hashing, it is not of a fixed-length. Additionally, it differs from hashing because encryption strings can be reversed back to the original decrypted form if you have the correct verification key. There are two main forms of encryption: Symmetric Key Encryption and Public Key Encryption.
- Symmetric Key Encryption is used when both the encryption and decryption codes are exactly the same.
- Public Key Encryption is when there are two different codes to encrypt and decrypt a string. One key is made public and the other, which reverses the encryption, is private.
So, how do you know which one to use? Encryption should only be used instead of hashing when it is a necessity to decrypt the resulting message. For example, if you are sending a secure message oversees that includes your banking information for a money transfer, you would want to use encryption rather than hashing so that the recipient on the other end can have access to that private information.
As the online world continues to dominate the workplace, it is so important to put an emphasis on cybersecurity education and transparency so that employees understand their role related to the security culture of a company, and how it plays a crucial part in maintaining the overall health of an organization. Don’t have an IT team? Not a problem. Many full service IT companies provide flexible on-site classroom-based programs and managed services for companies that don’t have an in-house tech team.
This National Cyber Security Month (NCSAM), find more tips to help protect you or your business from cyber threats here on our Simply Speaking blog. To reach our Customer Service Team with any questions, please call 866-224-1379.