In 2016 the UK suffered more data breaches than any previous year, 54,468,603 records were compromised, a 475% increase over the 9,478,730 compromised in 2015.
Consequently businesses are realising the importance of implementing effective security solutions, and data encryption.
With the GDPR coming into law May 2018, the pressure is now on organisations to meet new compliance obligations for handling and protecting personal data.
GDPR requires businesses to implement technical and organisational measures to provide appropriate protection to the personal data they hold. When determining such security measures businesses must take into account the nature, scope, context and the purposes of their use of personal data.
GDPR now expressly states that such measures include the pseudonymisation and encryption of personal data.
Encryption is nothing new, and dates back to when the ancient Greeks and Spartans used cryptography (secret code), with a scytale tool, to cipher and send secure communications during military campaigns.
Scytale
The Enigma machine was invented by the German engineer Arthur Scherbius at the end of World War 1 and was used by British codebreakers to decrypt, Nazi encrypted messages, and was seen as one of the defining moments in the war.
Then in the late 1960s the British intelligence organisation GCHQ (Government Communications Headquarters) started to develop the system of modern computer cryptography that is widely used today to secure online transactions and messages.
Encryption
Encryption is the process of scrambling clear-text (plain-text, which is any readable data in any format), but could still be deciphered by the Government or someone with technical knowledge to unlock and the code so it can be read.
An Encryption Key is like a password, which is used with the clear-text, to convert data in to cipher-text – unreadable scrabbled data.
Download GDPR the need for Encryption White Paper for the full article.