Encryption is the process by which data is scrambled in such a way that only select individuals can unlock and access it. Depending on the type of data one is working with, different cryptographic techniques are required to effectively encrypt the data.
- Data at rest: Commonly consists of information residing on your hard drive. It is data that is not being moved or transmitted across a network. Examples might be a text document, spreadsheet, image, etc.
- Data in motion: Data that is being sent across the network. Examples include email, text messages, Skype chat, etc.
- Symmetric: You encrypt data with a single key (think of it as a password), and anybody who knows that key can use it to decrypt the data. The security risk lies in the key and its transmission. If just one person gives away the key, the data is compromised. An example is a hard drive that everyone in a lab must access and that uses one general key to decrypt.
- Asymmetric: Allows you to communicate securely with an individual without having to worry about third parties intercepting the message or the secret key that decrypts it (because that key is never transmitted). You assign a unique key to an individual, and only they can decrypt the message, provided their own key, used in conjunction with the one sent, correctly identifies them. The security risk here rests on the identities of the parties, creating what is known as a "web of trust".
The tools for securely encrypting data really depend on the type of data and the individuals who need access.
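
The symmetric and asymmetric cases above, as an added example (not part of the original page) using Node.js's built-in `crypto` module. AES-256-GCM and RSA-OAEP are algorithm choices assumed for the illustration, and the function names and sample message are constructed.

```javascript
// Added illustration; algorithms and names are assumptions, not from the page.
const crypto = require('node:crypto');

// Symmetric (AES-256-GCM): one shared key both encrypts and decrypts.
function symEncrypt(key, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every message
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function symDecrypt(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  // final() throws if the key is wrong or the ciphertext was altered
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}

// Asymmetric (RSA-OAEP): anyone may encrypt with the public key,
// but only the holder of the private key can decrypt.
function asymEncrypt(publicKey, plaintext) {
  return crypto.publicEncrypt(
    { key: publicKey, oaepHash: 'sha256' }, Buffer.from(plaintext, 'utf8'));
}

function asymDecrypt(privateKey, ciphertext) {
  return crypto.privateDecrypt(
    { key: privateKey, oaepHash: 'sha256' }, ciphertext).toString('utf8');
}

// Returns true when fn throws, false when it succeeds.
function fails(fn) {
  try { fn(); return false; } catch { return true; }
}

function demo() {
  const msg = 'lab results, draft 3';    // constructed sample data
  const labKey = crypto.randomBytes(32); // the one key everyone in the lab shares
  const box = symEncrypt(labKey, msg);
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const sealed = asymEncrypt(publicKey, msg);
  return {
    sharedKeyOpens: symDecrypt(labKey, box) === msg,
    wrongKeyFails: fails(() => symDecrypt(crypto.randomBytes(32), box)),
    privateKeyOpens: asymDecrypt(privateKey, sealed) === msg,
    publicKeyCannotOpen: fails(() => asymDecrypt(publicKey, sealed)),
  };
}
console.log(demo());
```

In the symmetric case every holder of `labKey` can read the data, so the key itself must be distributed and protected; in the asymmetric case the public key can be handed out freely because it cannot undo its own encryption.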