File encryption plays an important role in computer and network security. While other security products block computer viruses, detect intrusions, back up data, physically secure devices, or clean up threats, file encryption renders your most sensitive information unreadable should a hacker or data thief get past your frontline defenses. File encryption works by encoding and decoding files. In order to use an encrypted file, you must have a means of decoding it. This means is often in the form of a "key" such as a password, trusted certificate, or biometric reader.
Types of File Encryption
Many types of file encryption exist. Below are a few of the more common forms of file encryption used in computer and network security:
File-level encryption - With file-level encryption, files are encrypted on a case-by-case basis. For example, you may opt to encrypt files with sensitive financial information while leaving less critical files unencrypted. While using file encryption software as needed offers some protection, this method relies on users remembering to use the software. If they forget to encrypt an important file, that file is vulnerable.
Application-level encryption - Some applications, including Microsoft Office, include file encryption tools. However, application level encryption usually requires the user to initiate encryption. For example, Adobe Acrobat Pro offers four levels of security (no security, password security, certificate security, and Adobe LifeCycle Rights Management), but users must make a choice each time they create a new file. By default, "no security" is selected.
Database encryption - Database encryption is also an option. Depending on the database software, encryption may even be built in. If not, third party encryption software can be placed between the application and the database to encrypt and decrypt data as it is written to the database or retrieved.
Email encryption - Email messages leave your network, travel across the Internet, and land in recipients' inboxes. Once you hit "send," your messages and any file attachments are beyond your control. Fortunately, you can encrypt email messages. Common email encryption types include PGP (Pretty Good Privacy) and S/MIME which uses trusted certificates.
Network encryption - File encryption over a network is one of the most important areas of computer and network security. Common encryption methods include Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Secure Shell (SSH). Wireless networks use Wired Equivalent Privacy (WEP) and WiFi Protected Access (WPA).
Hard disk encryption - With hard disk encryption, file encryption is done across the entire hard disk. Users do not need to remember to encrypt individual files as the disk itself is encrypted. The process is generally seamless for users. Once set up and encrypted, the only intervention required is logging on to the hard disk with the appropriate encryption key. This is usually accomplished by entering a password or using fingerprint authentication. Once unlocked, the data on the disk is readily accessible by the user.
File encryption is an important computer and network security measure that can protect individual files or an entire hard disk's worth of files from falling into the wrong hands.
Daniel Gail is an author and expert in network security. He has helped a countless number of companies secure their networks and computers by recommending a great network encryption solution named SecureDoc from WinMagic.