Encryption makes my data secure and that’s a good thing,….right?

Encryption makes my data secure and that’s a good thing,….right?

written by Henry Verlander

One of the most significant differences in the types of data traveling the internet today is whether the data is encrypted and not encrypted. The difference is a critical security issue, but would you believe that encryption could possibly be a bad thing! Perhaps you have seen the warnings that some internet browsers will pop-up to you, telling you that your data might be visible to others. That is because the data is not encrypted during transmission. Unencrypted data transmission is fast and easy to setup. Most internet traffic is not encrypted.

When you open a website on your computer, you might notice that some websites have the letters HTTP in front of them and some have HTTPS. The “S” means secure and encrypted. Your bank website has HTTPS in front of it. That traffic cannot be intercepted or read by anyone when it is traveling the internet. As security concerns have grown in recent years, more and more entities are making the effort to encrypt their websites and data. FACEBOOK is now HTTPS/encrypted, so that no one can steal your Facebook information in transit.

However, this explosion of encryption has created some significant challenges which more and more organizations must consider.

One example of a serious problem is as follows. When the data traveling through an organization’s firewall is encrypted, the firewall CANNOT SCAN IT FOR PROBLEMS. This means that if you have fallen prey to an internet scam or “phishing” attack, and are downloading a virus from an HTTPS website, then your firewall is incapable of detecting it. Most advanced firewalls have malware scanners built into them, but in recent years the “bad guys” have come up with a very creative trick. They are encrypting their websites to help elude detection.

Many firewalls have the capability of activating HTTPS scanning, but it is optional. It requires detailed planning and ongoing maintenance. At Infostream, we believe that more and more organizations will be implementing HTTPS scanning as their security needs and concerns grow. For further details, please contact infostream to setup a presentation and get all the facts about HTTPS scanning for your organization.