Encryption is the process of scrambling data so that it's only readable only if you know how the data was scrambled. By encrypting data saved on disk (at rest) or sent across a network (in transit) the information is protected from attackers. Below you will find further explanation of each concept and some methods of performing encryption.
Encryption at Rest
In the event that your laptop or USB drive is stolen, a novice attacker can access all of the information stored at rest on the device. Even if a password is required to log on it's trivial to bypass the password prompt. Because of this known risk, portable devices, particularly those handling confidential or sensitive information per our Data Classification policy should use encryption software to prevent this attack.
When using encryption software, make sure that you keep a backup of your decryption password in case you forget the password. In the event that you forget your decryption
A feature found on Microsoft Windows 7 Ultimate and Enterprise editions that can encrypt an entire hard drive or USB storage. Visit the Microsoft website for information.
A free program that encrypts drives, folders and USB storage. This software is compatible with Windows, Mac and Linux operating systems. Visit the TrueCrypt website for more information.
Apple Mac computers have a feature called FileVault that can
WinZip has a feature where compressed archives can be encrypted. One popular use of WinZip encryption is for emailing sensitive information. In such a situation you would create an encrypted archive containing the sensitive information. Email the archive to the intended recipient. Send the decryption password to the recipient using a different out of bounds communication channels such as a letter, phone call, text message or fax. Visit the WinZip website for more information.
Encryption in Transit
When information is sent across a network such as the Internet cyber attackers can eavesdrop on the information while it travels to the intended destination. Because of this known issue, it's important to encrypt any sensitive information before transmitting information. Luckily all of the protocols that do not encrypt have long been superseded by newer ones that support encryption. Below is a table of insecure network protocols and their newer encrypted counterparts. Further information on encryption and networks can also be found on the Microsoft website.
Secure Encrypted Equivalency