Helping you make the right design decisions - online and in print
  • How do I encrypt my customer data?

    If you are storing your customers’ details, be it information about things they have bought, payment information, or just notes contained in your customer call database, it is important that you protect them.

    Given the availability and low cost of encryption software, it is pretty amazing that the news is filled with stories of government departments losing portable drives containing data about all of us, and of that data being accessible to anyone who finds it.

    The Data Protection Act requires that you take all reasonable steps to secure your customers’ information, and most encryption software more than meets these requirements. Most also offer a safe deletion facility, whereby a file you delete is deleted permanently through a series of passes. You may be surprised to know that when you normally hit delete, the file is still on your computer: your computer has simply made that space available for use by other files, and the file can easily be read by someone with the right software.

    What software is available?

    Depending on your requirements and the number of computers you use, you may be able to use a free facility such as TrueCrypt (http://www.truecrypt.org/), which allows you to encrypt your whole computer hard disk, so that if it should be stolen, it will be useless to anyone without your password.

    You can also use it to encrypt individual files, so that even if the disk can be read, these files will be illegible when opened by anyone who has not first entered the password. This is especially useful for text files and databases that contain sensitive data.

    The next level up from a free service is PGP (http://www.pgp.com), which can be used to secure individual computers, or an entire network. This is more suited to companies with more than one employee.

    Whichever piece of software you use, it runs in the background, seamlessly encrypting and decrypting your data “on the fly”, so that you don’t notice it. Once you shut down your computer, anyone trying to access it must first enter your password or phrase. This gives you peace of mind should your computer be lost or stolen, as none of your data can be read without it.
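
The safe deletion described above, sketched as an added example (not code from TrueCrypt, PGP or any product named on this page): the file is overwritten in place for several passes and only then removed. The function names, pass count and sample record are assumptions made for illustration.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # overwrite in chunks so large files do not fill memory


def overwrite_pass(path, fill=None):
    """Overwrite every byte of the file in place; random data if fill is None."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:  # r+b writes over existing bytes, no truncation
        remaining = size
        while remaining > 0:
            n = min(CHUNK, remaining)
            fh.write(secrets.token_bytes(n) if fill is None else fill * n)
            remaining -= n
        fh.flush()
        os.fsync(fh.fileno())  # push this pass to the device before the next one
    return size


def safe_delete(path, passes=3):
    """Run random passes, then a final zero pass, then remove the file entry."""
    for _ in range(passes):
        overwrite_pass(path)
    overwrite_pass(path, fill=b"\x00")
    os.remove(path)


def demo():
    """Constructed sample: a made-up customer record in a temporary file."""
    record = b"name=Jane Example;card=0000-0000-0000-0000\n"  # constructed data
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as fh:
        fh.write(record)
    overwrite_pass(path)  # one pass is enough to replace the stored bytes
    with open(path, "rb") as fh:
        after = fh.read()
    still_readable = record in after
    same_size = len(after) == len(record)
    safe_delete(path, passes=2)
    return still_readable, same_size, os.path.exists(path)


if __name__ == "__main__":
    print(demo())
```

On SSDs and on journaling or copy-on-write file systems, an in-place overwrite may not reach the blocks that held the original data, which is one reason whole-disk encryption remains the stronger safeguard for a lost or stolen drive.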