Internet Basics: What Is Encryption And When Should You Use It?

Encryption is becoming more critical to protect your financial and personal data. We'll help you understand what it is and how it affects you.

To the average PC user, encryption has more in common with Tom Clancy novels or the CIA than anything relating to their day-to-day computing. However, encryption isn't only for spy thrillers or government use. On a smaller scale, encryption can help keep your personal data safe from the prying eyes of hackers or other unauthorized individuals.

In fact, it's entirely likely you've already been using an aspect of passive encryption without realizing it. If you've ever made a purchase online, paid bills or simply balanced your checkbook on your bank's website your information was protected through an encryption protocol known as SSL or Secure Sockets Layer. You should never enter any personal or financial data on a website that doesn't use SSL encryption. An easy way to verify its presence is to look for a small padlock symbol on the bottom of the browser window. If the padlock's locked, you're protected

Active encryption is a little more varied. This family of products covers everything from encrypting your e-mails to protecting the data on your hard drive. Given the wide range of applications in this area, we'll break them into two general sections: e-mail and personal data protection. Before we go any further, you need to be aware that use of "strong encryption" (defined as anything using 128-bit encryption or higher) might be illegal for those in certain countries.



E-mail encryption involves encrypting the text of your message before you send it. The most commonly used system for the purpose by a wide margin is Pretty Good Privacy, or PGP. PGP operates with two components. A public key that you send to recipients and to a general key server as well as use to encrypt your messages and a private key that the recipient of a PGP-encrypted message uses to decrypt the e-mail to readable text. As an added advantage, the use of PGP keys allows you to verify your identity as the sender of an e-mail or file without encrypting it. With the importance of e-mail for transferring sensitive business and personal data, PGP or one of the similar alternatives is almost a must.

The other aspect of active encryption involves encrypting the data on your hard drive. Unlike encrypting your e-mail, there are several different packages and encryption schemes ranging from 128-bit DES to 256-bit Blowfish to choose from. Most commercial encryption packages available involve creating a "virtual" drive that you add specific directories and files that you wish to encrypt to with the help of an interface similar to Windows explorer. It's best not to add your Windows directory to the list of encrypted folders, as your PC won't be able to boot. Admittedly, this is the extreme end of encryption and not recommended unless you're concerned about someone physically removing your hard drive or computer.

Yes, encryption can become quite complicated, depending on how involved you want to become with it. However, the upside is that for the practical day-to-day needs, you never really need to get your hands dirty or worry about what's happening behind the scenes. If your only concern is protecting your financial data online, you'll be fine as long as you remember to only enter confidential data on sites that support SSL. The rest, you can safely leave to the James Bonds and those that have a need for it.

© High Speed Ventures 2011