EOL IT Services has now merged with tier1 Asset Management Ltd

Do I Need To Encrypt Everything?

by | Mar 17, 2015 | IT Security

We are constantly warned about how important it is to protect our data and prevent hackers from accessing it. However, nowadays we are also told to encrypt so much that it might make you question whether you need to encrypt absolutely everything that you store, send and receive on your computer.

Do you really need to carry out full disk encryption, including data such as MP3s in case of an attacker gaining access to your computer or device? Well, the answer is no, but this guide should help you to decide what needs encrypting and what does not.

In reality, there are only two types of data that actually need to be protected: Personally Identifiable Information (PII) and confidential business information or intellectual property. Outside of these categories, it is really up to you as to whether you wish to encrypt the information. But what is classed as PII or intellectual property…?

What is Personally Identifiable Information?

In short, Personally Identifiable Information is information through which your personal identity could be discovered and or put at risk, should it fall into the wrong hands.

This includes:

  • Names. In all of its forms: your full name, your maiden name, your mother’s maiden name and even any nicknames.
  • Numbers. This covers everything, from your National Insurance number, to your passport and driving license numbers and, it almost goes without saying, your credit card number.
  • Personal Information. This includes information you might not even deem as private, such as your date and place of birth, your religion and education or employment information. But also includes more obviously private things, such as financial and medical information and your address.

What does this mean I should encrypt?

  • Bank statements, credit card statements and other financial data.
  • Medical records, such as prescription information, appointment details, receipts and private insurance information.
  • Any information you have relating to your work, job or performance at work.
  • Any information with relation to your education, such as grades or university dissertations and theses.

What about for confidential business information/ intellectual property?

If your business stores customer or client information, that should be your priority in terms of data encryption. You may find, depending on your business type, that you are already subject to specific rules with regards to customer information.

You will also want to encrypt any files that contain confidential information about new products or business ideas. This includes any research that might have been carried out-why would you want someone else to exploit your hard work?

When someone steals a laptop or computer from a business, it can be the information on the device that is more valuable to them than the device itself.

Is there an easy way to determine what should be encrypted?

Yes, there are two simple questions that you can ask about data to determine whether or not you need to encrypt it.

1.If you had the information in hard copy, would you shred it before throwing it away?

2.If someone else obtained this information, would they have the potential to have detrimental effects on your personal safety, your business or your clients?

If the answer to either of these questions is yes, you should encrypt the file!

Disposing of sensitive data

Your responsibility for sensitive data doesn’t end when you dispose of a device. You should always ensure that any devices that may, or have contained sensitive material are disposed of in a secure manner.

Contact us on 0845 600 4696 if you are looking at any IT Asset Disposal and need advice.

[Photo Credit: Tony Webster ]

Recent Stories

What Do Refurbished Technology Grades Mean?

What Do Refurbished Technology Grades Mean?

As enterprises strive to balance their sustainability targets and a limited financial budget with the technology requirements of the business, an increasing number of CIOs are taking a circular approach to IT procurement. Our ‘take, make, dispose’ culture has had a...

7 Questions to Ask Your ITAD Supplier.

7 Questions to Ask Your ITAD Supplier.

The growth of the cloud, the emergence of hybrid working and remote collaboration along with the soaring quantities of data-rich Internet of Things devices means that IT asset disposition no longer solely concerns the disposal of end of life IT assets. Today’s ITAD...

Are Unintentional Cyber-attackers Risking your Data Security?

Are Unintentional Cyber-attackers Risking your Data Security?

As we learnt during the last couple of years, for the cyber-criminals, a crisis merely presents an opportunity. In 2020, malware attacks rose by 358% and in the first quarter of 2022, Russia experienced nearly 3.6 million data breaches, an 11% increase*. Cyber-attacks...