This summer we will be writing weekly posts with a “public vs. private” theme.
The first post in the series pointed to our Managing Secrets Risk Advisory.
An important concept in data security and privacy is encryption. Encryption is the process of encoding data and/or communications so that only authorized parties can access them, keeping the information private instead of allowing it to be public.
There are several ways to encrypt data, whether it is at rest—on devices or in data systems and email—or if it is data in transit via the Internet in wired and wireless transmissions.
Encryption uses a mathematical algorithm, or “cipher” (an encoded set of rules) to transform information from a readable form (plaintext) into a form that is unreadable (ciphertext) by anyone that does not have the electronic key. Decryption is the reverse process.
Ways that encryption is (or may be) applied
Whole disk encryption
If your computer, laptop, or device is lost or stolen, whole disk encryption will make the data inaccessible to thieves and adversaries. Read our Whole Disk Encryption Risk Advisory for more information.
Storage devices
Even if a stolen computer is password protected, the information can be exposed if the thief removes a data storage device that isn’t encrypted, so encrypt those as well.
Public vs. private WiFi
Avoid using public WiFi networks when accessing University data and other data that you want to keep private. Connect to a virtual private network (VPN) such as Husky OnNet. If you’re on campus, be sure to use eduroam for free wireless encryption. (Please note that the UW wireless network is public, not private, without eduroam.)
Whether you use a Mac or a PC, get to know what the default settings are on your computer for public vs. private network discovery—and adjust those settings accordingly.
HTTP vs HTTPS
On the Internet, URLs that begin with “HTTPS” (rather than “HTTP”) indicate that the website is secured by an SSL certificate. Whenever you enter sensitive information in a browser, be sure that you see “https://” and a lock in the address bar to ensure that you are using an encrypted connection.
Upcoming topics in the public vs. private series: