Use It Or Lose It

Feb. 21, 2008
Cyber thieves must be rubbing their hands with glee at the potential Internet crimes they can perpetrate thanks to data-protection inefficiencies of organisations—data that should be bulletproof against any threat. Indeed, 2008 has been tagged as the year

Some recent discussions on data security, or more accurately the lack of security, have piqued my curiosity. My interest was prompted by a couple of things. First, there was the totally irresponsible loss of 25 million UK citizens’ personal details by a UK government department. Second, there’s the risk people are taking using the mega-fashionable social-networking sites like MySpace and Facebook.

Cyber thieves must be rubbing their hands with glee at the potential Internet crimes they can perpetrate thanks to data-protection inefficiencies of organisations—data that should be bulletproof against any threat. Indeed, 2008 has been tagged as the year that cyber crime will escalate in the extreme. In fact, many examples of viruses have already emerged, viruses that probe social-networking sites for people’s details.

What about encryption in all of this? Foremost, it should be mandatory that organisations responsible for private data use modern encryption technology. It’s unbelievable that the UK government department I previously mentioned actually mailed the data of 25 million people on two unencrypted CDs in the regular postal system—and they got lost!

It is fair to say that modern encryption methods work fairly well. However, it’s crucial that they remain in a constant state of development to keep ahead of the cyber thieves.

Thirty years ago, IBM unveiled the DES encryption standard. DES is public key cryptography (PKC) that relies on the use of two keys, a Public key and a Private key. Data encrypted with the Public key can only be decrypted by the holder of the Private key. A commonly employed example of a PKC system is the Secure Sockets Layer (SSL) protocol, which ensures that payment transactions on the Internet are secure.

So far so good, except that some code experts are starting to consider that DES is no longer as secure as it needs to be. This is because of its short key length of 56bits. The more bits used in the key, the harder it is for cyber thieves to decrypt the data. Consequently, DES is being replaced by more modern encryption standards, such as Triple DES and the Advanced Encryption Standard, which uses key lengths of 128, 192 and 256bits.

Generally speaking, encryption technology is capable of protecting a good portion of data. So my advice for organisations, including government departments, is simply “use it or lose it.”

Sponsored Recommendations

Board-Mount DC/DC Converters in Medical Applications

March 27, 2024
AC/DC or board-mount DC/DC converters provide power for medical devices. This article explains why isolation might be needed and which safety standards apply.

Use Rugged Multiband Antennas to Solve the Mobile Connectivity Challenge

March 27, 2024
Selecting and using antennas for mobile applications requires attention to electrical, mechanical, and environmental characteristics: TE modules can help.

Out-of-the-box Cellular and Wi-Fi connectivity with AWS IoT ExpressLink

March 27, 2024
This demo shows how to enroll LTE-M and Wi-Fi evaluation boards with AWS IoT Core, set up a Connected Health Solution as well as AWS AT commands and AWS IoT ExpressLink security...

How to Quickly Leverage Bluetooth AoA and AoD for Indoor Logistics Tracking

March 27, 2024
Real-time asset tracking is an important aspect of Industry 4.0. Various technologies are available for deploying Real-Time Location.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!