I am safe. My data is encrypted. Right?

A common misconception is that encryption by itself means the data is secure.  In a previous blog post, we used the door and lock analogy.  Building on that analogy, encryption is like having a lock for your data.  The critical part is making sure only the correct users have the key.

When you use applications like WhatsApp or Telegram that highlight end to end encryption as a feature, are you safe?

WhatsApp notes on its website “Media and messages you back up aren’t protected by WhatsApp end-to-end encryption while in iCloud.”  That means data sent from WhatsApp to iCloud are not encrypted. WhatsApp and Telegram encrypt data in transit and at rest while stored within the app.  Sharing or backing up data (as disclosed by WhatsApp) sends unencrypted data.

It’s all in the details.

SecureCircle’s Transparent File Encryption has similar details which need to be appropriately configured.

SecureCircle’s Application Isolation is a feature which administrators can allow or deny specific applications from accessing content within a protected file.  Typically, this feature is used to limit applications from opening specific file types.  Administrators can force users to open PDF files with IT approved Adobe Reader and not allow untested or suspicious applications from opening PDF files.

For backup applications, admins need to decide if the backup application is going to back up the encrypted data so if anyone ever gains access to the backup storage location, the data would still be protected or the backups can store unencrypted data.  Unencrypted backup data may be easier to manage as the admin could access content without having a SecureCircle configured device.  Do you have trust that backup administrations will not become the source of a data leak: both accidental and malicious?  Similar configuration decisions need to be made for applications like e-discovery and scan & index tools.

Encryption workflows need to be well thought out.  Data protection relies on having all the details well defined.  SecureCircle provides a fully customizable and configurable solution to protect unstructured data in any workflow.

SecureCircle works with any application, any file type, any file size, and any device.  SecureCircle never changes file names or extensions so authorized users don’t even know SecureCircle is in the background protecting data.