The data breach statistics for 2013 uncover some unsettling trends. Research by IBM reveals that incidents of the loss and theft of
sensitive data have increased by 38 per cent since last year, with 75 per cent of businesses reporting a serious impact on brand reputation and customer satisfaction. The attack and exploitation of business IT infrastructure is almost epidemic, with some businesses being attacked as many as 2 million times a week. What makes the scenario so much worse is that most of these attacks are not detected for months.
The Case for OpenPGP Encryption
OpenPGP (Open Pretty Good Privacy) is one of the most trusted and popular encryption standards. Created by a special director at Computer Professionals for Social Responsibility, OpenPGP works by encrypting emails and files using a ‘private/public key’ system. Data is encoded using a public key, and decoded using a private, individual key allocated to each employee or user. PGP is also used to send digital autographs, composed of user names and account data, which are mathematical summaries (called
a ‘hash’) encrypted and decrypted only with the senders private key, ensuring that the receiver can guarantee the origin of a message. The Outlook plugin gpg4o is based on OpenPGP. This provides one of the safest encryption methods for Microsoft Outlook 2010 or Outlook 2013. With gpg4o a digital signature from the sender can be attached to an email and this allows additional safety.
Why It’s Probably Not an Inside Job
The majority of attacks originate outside of a business, and, contrary to popular belief, many of them rely on low-tech phishing tactics. Where you’re employees find themselves facilitating an attack, it’s most likely due to them unwittingly handing over sensitive information after a phone call, email or social network request that seems legitimate. The benefits of private encryption keys in this case are rather obvious, but the scenario raises the question of how we protect data when it’s not in transit. Archiving vital details using OpenPGP software means that it’s robust security measures will prompt would-be thieves, who are predominantly opportunists, to pick an easier target (and there are lots of those).
The Key Benefits of OpenPGP
OpenPGP software for enterprises is based on a graphic user interface, which is really a simple point-and-click system that requires minimal training. It’s key benefits include:
- Compatibility with all email clients, including Outlook 2013 and Outlook 2010, especially with gpg4o
- Allows you to share information, such as datasheets, securely
- Identity verification prevents phishing
- Protection against both virus and email attacks through signatures
- Users are able to determine who authorized a file, where and when
- … and much more