teach-ict.com logo

THE education site for computer science and ICT

2. Why encrypt data?

There are many reasons to have cyber security in place for a computer and its network. These include:

reasons for security

 

Data loss - backup and encrypt

Almost every business has data that its wants to keep safe: customer information, staff data, financial information etc.

Most people also have data that is vitally important to them, such as family photos, music collections or even that homework that has not yet been submitted. Therefore, data needs to be backed up - either to a local device or to the cloud.

However, you do not want someone to be able to read that backup data - it needs to remain private. And so encryption is often used to protect backup data files.

Protect against data theft

Some types of data are worth real money, and so are attractive targets for cyber-theft. For example,

  • Actual virtual money - bitcoins
  • Sales information, such as a customer database
  • Intellectual property, such as the latest research notes or trade secrets of a company.

Encryption will keep the information private.

 

Defend against unauthorised data change

Someone changing data in your name can cause no end of problems. Imagine that someone were to gain access to your social media accounts and start posting comments and photos under your name - imagine the embarrassment and upset that could arise. Encrypting the data makes it much harder to alter.

Encryption can also be used malciously - ransomware encrypts user data and then demands payment for decryptng it.

Confidentiality

Even if data is not lost, there is a legal and moral obligation to keep much data confidential, such as

  • Identity information such as passport details, national insurance number, name and address.
  • Personal information such as medical records.
  • Financial information such as credit card number, bank details, salary.
  • Access information such as username / passwords for online computer games or social media.

national cyber security centre

Legal obligations

The UK Data Protection Act and the General Data Protection Regulation Act places a legal duty on all organisations to keep their sensitive data safe. If there is a data leak then the organisation can be prosecuted in court.