This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Encryption is a process of providing security for the information from the unauthorized users such as eavesdroppers or hackers so they cannot read it, but the authorized parties can use the encryption algorithm to create an unreadable cipher text from a plain information such as messages or information.
There are two types of encryption schemes: Symmetric-key and Public-key encryption.
Symmetric-key encryption is a private-key encryption technique where the key is provided to only specific users whereas in Public-key encryption the encryption is published for anyone to use and encrypt their information.
The main legal issue facing by encryption is privacy as many of countries have their own laws for encryption and their usage since by using the data encryption policies the information is encrypted so that only the user with an encrypted key can decrypt the data and use it.
These kinds of issues are mainly faced by the military and some government agencies that use encryption algorithms for the security of their information from the unauthorized users seeking access.
The availability of encryption codes will encourage a larger population of users to encrypt communications and will provide businesses worldwide a way to conduct transactions securely.
Arguments are made that the control of source code export discriminates against software distribution as opposed to encryption in print form. This greatly limits the expression of scientific ideas and thereby limits the marketplace for ideas.
The information that software developers want to transmit represents the results of their research in cryptography. It is the transmission or communication of the encryption techniques that the government wishes to restrict, not the communication.
And one more major legal issue faced by the encryption is from the concern for national security may be eroding first amendment protections. Scientists will be denied the freedom to express and discuss developing technologies regarding the encryption technologies.
Software developers are facing legal issues for using the encryption algorithm for developing the security issues for internet.
To manage data encryption the data access and data protection has to be done simultaneously since data access and data protection often seem incompatible with one another, but the present MNC companies have successfully managed encryption to achieve both data access and data protection.
To manage encryption one of the main step is need to prevent data loss has made by using storage encryption for securing the sensitive data is becoming a higher priority in data storage environments as a result of increased regulations on high corporated data.
Storage encryption technology can be a vital part of a company's data access and protection plan. However, the increase in administration overhead that comes with encryption key management has been a major deterrent to organisations adopting storage encryption technology. Learn about the common challenges and administration overhead associated with encryption key management, as well as how to overcome them by managing who is assigned a key and ensuring keys are securely kept.
Done correctly, storage encryption can ensure that backups are secure and meet regulatory requirements. Including upfront planning and ongoing administration, working with backup and security vendors to ensure a successful implementation, identifying applications that need to be encrypted and more.
One of the best ways to manage encryption is by eliminating as much collection and storage of sensitive data and providing them with a best key management policies so that this sensitive information can be used by the authorized users not by the unauthorized users.
Handling Encryption and encrypted data:
In todays generation there is a lot of change in technology as there is an advantage there are even flaws such as a confidential information can be retrieved be an unauthorized person.
Hence to overcome this flaws we are providing security to the system. One of an important process is encryption. It's a common means of providing security to the data present in the packets during the transformation of information. An original data is been transmitted in the form of ciphertext using mathematical algorithm and it can be secret as we use cryptographic key so that only a right user can read the data.
Few mediums which are used to store these encrypted data are USB enabled devices , memory cards, CD/DVD media and hard drives. These storage options allow one to easily transport data between devices and computer systems. The main reason for an unauthorized not to access the data because the include personal identifiable information such as financial loss.
There can also be a risk to the trade secrets. Hence the information should always be secured to reduce the financial risk associated with loss of information. There are few methods to protect the encrypted data such as an authentication by password, PIN, tokens, biometrics, and smart cards.
The two important factors are token and password. During the data handling there may an incident may affect the system or the information transferred by a system crashes, intrusion, unauthorized use of system privileges so an encryption handling is implemented which involves multiple phases including preparation, identification, containment, eradication, recovery, and lessons learned. An email content policy configured in the Data Security module may specify that a message should be encrypted for delivery.
Email security Gateway supports the use of third-party software for email encryption. We can even use hybrid services for the encryption page. Deciding which data needs encryption is the responsibility of the data steward or owner, and should be done only when there is a true need for it.
Few steps of encryption are we need to hide the information from those with privileged access to the database, to comply with legal statutes, and have to store it in schema for which there is no access of account.
The most important aspect of dealing with encryption is the key. In encryption a key is a variable applied to an algorithm which is used for encryption of data. A key always consist of secrete value. But it may become difficult to write a key generation policy without considering the encryption environment and also the software which we use to generate a key. After generating the key a key management has to be done.
A key that is generated is used for encrypt and decrypt whatever the data is being encrypted/decrypted.
There are two types of algorithms such as Symmetric-key algorithms and Public-key algorithms, symmetric-key algorithm uses a single key for the encryption for the information where as public-key algorithm uses two types of keys public key and private key for encryption.
These keys are generated ramdonly for their security these encryption algorithms doesn't have a particular path for producing the keys for the encrypted information.
Key management management of cryptographic keys in cryptosystem. This includes dealing with the generation of primary keys that are used to cypher the encrypted text or information that is required by a user. This key management contains the information regarding the generation, storage, exchange, use and replacement of keys.
The best way to avoid an encryption key management problem is to not create a key management problem in the first place, but they should expand their use of encryption with a strategic approach to the encryption key lifecycle in mind.
Successful key management is very crucial for the security of a cryptosystem where it deals with the security ploicies, user training, organizational and departmental transactions, and coordination between all of these elements.
Example Policy for Encryption:
My own policy for encryption is that it is used as a security for the information or messages in an encrypted format where the information cannot be read by the unauthorized users until unless they have the key to decrypt the information or message.
MNC companies face many problems with information security so they use these cryptography technique to write encryption algorithms to encrypt and decrypt their information or message. By using the policies for the encryption they can create a better encrypted information that cannot be read by the unauthorized users and also they can create a better way to encrypt and decrypt the information.
The policies for encryption are to be used to create a better authorization for the access of the data from the users depending upon the rights provided with in an organization for the access of the information and these policies help the users to create a better security for information with in an organization.