The ongoing legal battle between the FBI and Apple has highlighted an information security capability that experts have advocated for years to be implemented in their enterprises: data encryption. Encryption protects readable data by converting it into data that cannot be understood without authorization or a special key.
The strength of the encryption hinges on the complexity of the conversion process, authorization process and special key. Strong encryption takes years to crack without the special key, but weak encryption can be cracked in seconds.
The benefits of encryption go beyond data protection. Encryption has driven economic growth by assuring consumers that online shopping is relatively safe. Online purchasing transactions are protected by encrypting the data between the shopper’s device and the electronic commerce website. Anyone intercepting the transaction will not be able to understand the data or steal credit card information because it will be unreadable. With this assurance, consumers have confidently shopped online for years to the point where it is the primary means of purchasing for millions.
According to the U.S. Department of Commerce, total e-commerce sales were estimated at $341.7 billion in 2015, an increase of 14.6 percent from 2014. E-commerce sales accounted for 7.5 percent of total retail sales in 2015, which is an increase compared with 6.4 percent in 2014. This upward trend for e-commerce will not stop anytime soon.
The recent FBI and Apple controversy involves the encryption of data “at rest,” meaning data that’s not moving and is stored on a computer disk, smartphone or backup device. Data encrypted in storage is unreadable without the special key, such as a pass code.
Encryption of data in storage, coupled with strong authentication mechanisms (for example, complex pass codes or fingerprint authentication), is one of the strongest protections for sensitive data. It’s also generally costly, especially when it comes to encrypting large amounts of data.
The FBI’s recent experience with the built-in data encryption capabilities of Apple’s iPhone and iPad operating systems has validated the strength and security of this type of protection. Modern Google Android operating systems have a similar capability that can be enabled. This validation likely will accelerate the growth of mobile commerce similar to the way the encryption of
online shopping has contributed to e-commerce growth.
We’ve seen how increased investments in information and cybersecurity have accelerated the growth of cloud services such as Office 365, cloud computing from Microsoft Azure and regional data center services. Cloud service providers, including Hawaiian Telcom and SystemMetrics right here in Hawaii, have made significant investments to secure their data centers and customer data. With assurances that their data are reasonably safe in cloud data centers, businesses large and small from all industries, including those that are highly regulated, are taking advantage of the efficiencies of cloud services. Accordingly, a recent report by Forbes predicts that spending on public cloud services will grow from $70 billion in 2015 to $141 billion in 2019.
Although information security, cybersecurity protections and encryption cannot take all the credit for the economic growth of e-commerce and cloud services, those industries would have had a hard time without it. Good security is also good for business.
Michael Miranda, director of information security at Hawaiian Telcom, holds current Global Information Assurance Certification (GIAC) and is a Systems and Network Auditor (GSNA), a Certified Intrusion Analyst (GCIA) and Certified Forensic Analyst (GCFA). Reach him at michael.miranda@hawaiiantel.com.
