November 24, 2021

    Data Encryption Best Practices

    File transfer protocol (FTP) as it was first conceived included no encryption. In the earliest days of FTP, senders and recipients of files logged in with usernames and passwords in plain text, and files were passed from one party to another without encryption.

    That’s not the case with modern FTP providers. They apply modern data encryption best practices to FTP transactions so that file transfers are conducted with the utmost security. What data encryption best practices should you be following? Here’s a look at different types of encryption, encryption needed for secure file transfers, plus details on how FTP Today handles encryption for its clients.

    Different Types of Encryption

    To understand different encryption methods, one must step back into the 1970s and the earliest days of digital transfer of data and information. In the 1970s, DES (Data Encryption Standard) was the common protocol. DES encrypted just 56 bits of data, though, which made it susceptible to hacking. It is no longer considered a safe approach to encryption.

    There exists a slightly more modern version of DES — 3DES. As the name suggests, 3DES uses three different 56-bit keys to enhance the security of data and information. In essence, it’s the triple-protection version of DES. Still, you’ll rarely see even 3DES used for encryption in the 21st century.

    RSA encryption stands for Rivest-Shamier-Adleman. When using RSA encryption, recipients of files or data have a private key they can use to decode the information. While RSA is a secure way to share data online, it requires advanced knowledge to use. Encrypting data using RSA is also a time-consuming process — making it an approach ill-suited for sharing large files or sharing files in volume.

    AES (or Advanced Encryption Standard) is today’s most acceptable form of encryption for organizations that often work with sensitive information — including the U.S. government. AES leverages symmetric key encryption, which means that the recipient of files or data will need a key to decode the information. Within AES, you’ll find three different levels of encryption:

    • AES-128 encryption uses 128-bit cipher strength.
    • AES-192 encryption uses 192-bit cipher strength.
    • AES-256 encryption uses 256-bit cipher strength.

    Each type of AES encryption also uses a different number of transformation rounds to translate plain text into cipher text. AES-128 uses 10 rounds, AES 192 uses 12 rounds, and AES-256 uses 14 rounds.

    Encryption Needs for File Transfers

    How and when do files need to be encrypted? If you’re handling sensitive information, you need to consider encryption for your files in two different states.

    First, you need to encrypt your files when they are being transferred from one server to another. For example, if you’re a defense contractor sharing sensitive information with a government agency or bureau, you’ll need to encrypt your files as they move from point A to point B. This is known as in-transit encryption or data-in-transit encryption.

    Second, you need to encrypt your files when they are simply stored on your desktop or server. If there were a hacking attack on your servers, or if your servers were to be physically stolen, you would want the sensitive files stored on them to remain protected. Securing files when they are just sitting on your server is known as at-rest encryption or data-at-rest encryption. Full-disk encryption is an approach most often used to secure files at rest.

    At-Rest and In-Transit Encryption for Your Files

    At FTP Today, we use the most advanced encryption and security approach to keep your files safe and both for encryption at rest and encryption in transit.

    For encryption at rest, all of our cloud storage systems are secured using AES-256, which provides the highest level of cipher strength — as noted above. For in-transit protection of files, we use only components that are FIPS 140-2 approved, and we follow TLS 1.2 for all connections – also with AES-256 cipher strength.

    FIPS stands for Federal Information Processing Standard, and 140-2 is an accreditation given to components made by the private sector that meet the highest security standards. TLS was first introduced as an upgrade to the SSL protocol. In 2008, TLS 1.2 encryption replaced TLS 1.1 to improve security, enhance performance and boost reliability. TLS 1.3 is also seeing greater use today.

    We choose to follow these protocols and standards because they represent the latest and best thinking of cybersecurity experts. As new upgrades and data encryption best practices become available, FTP Today will update its products so that we can continue offering industry-leading security for our users.

    New call-to-action

    The Importance of Encryption

    It’s important to understand that encryption isn’t just a nice-to-have for organizations around the world. Even small businesses are often handling and sharing proprietary information or personal data that deserves to be secured. Encryption is the best way to protect this sensitive information.

    Choosing advanced encryption methods protects your organization from attacks and breaches. You can secure any sensitive information, files and data when you choose the best encryption methods for 2021, 2022 and beyond.

    Encryption also protects your organization from liability related to a breach. For example, imagine you have on your servers the names, addresses and social security numbers of your customers. Now imagine that information is hacked by a third-party. Your organization will find itself in a public relations crisis, and you may also find your organization on the wrong end of a class-action lawsuit. Encryption can prevent such a situation.

    Finally, encryption can open up new business opportunities. The U.S. government relies on private contractors for all sorts of products and services. But the government will require advanced encryption for sharing sensitive data and files. If you aren’t set up to encrypt your data and files with the most advanced encryption, you will miss out on those opportunities.

    The Benefits of Hiring a Third-Party for Encryption

    When you move forward with plans for advanced encryption, you have two options. First, you can choose to configure your own servers and implement an encryption program on your own. Or, second, you can hire a third-party for encryption services. The latter option — hiring a third-party — is the obvious choice for several reasons. Here’s a look at the benefits of using a third-party for encryption:

    • Expertise: When you choose a third-party for encryption, you gain access to experts who know how to properly set up and manage your encryption program. These experts also update your encryption to match (and defeat) the latest tactics used by hackers.
    • Ease: When you choose do-it-yourself encryption, there’s a huge learning curve. You’ll either need to hire encryption experts for your IT team, or you’ll have to invest in education for your existing team members. Choosing a third-party makes starting an encryption program easy.
    • Automation: The moment you choose a third-party FTP provider, your data is instantly encrypted. You never have to think about actively encrypting your data and files ever again — everything is automated.
    • Compliance: If you work in or with an industry where compliance is essential, a third-party FTP solution ensures that you always remain compliant with relevant standards. Again, you can invest a great deal of time and resources into creating a team that monitors compliance. But it’s far easier to outsource compliance to a reliable third-party.
    • Savings: Encrypting on your own is prohibitively expensive for most organizations. In the long run, choosing a third-party saves you both time and money.

    There’s so much to gain from choosing an FTP provider that encrypts your files instantly. There’s no risk of a data breach or related liability. And you can open up new opportunities to do business with government and non-government organizations that require advanced encryption.

    FTP Today provides encrypted cloud storage that will always represent the latest and greatest approaches to keep your data and files secure — both at-rest and in-transit. To learn more about how we can help your organization with encryption, schedule time to chat with one of our experts.

    New Call-to-action

    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts