Encryption
Sign in

Encryption

Information Security Professiona
Encryption is a technology that employs a level of math which, if explained in detail to the average person, would make his head explode.  But it is essential for online commerce.  Truly, it is no exaggeration to say that secure online anything that involves money or personal information could not happen without encryption.  Further, secure remote access—used by corporate road warriors—would not be possible without encryption.  And increasingly, encryption is being used to keep private data private when “at rest,” that is, when sitting in a file on a database somewhere. 

Luckily for most of us, encryption when communicating over the Internet is automatic.  When you click on the link to browse to your online bank account, your bank’s website knows that it should communicate with your PC over a secure channel.  So the two ends of the conversation work together.  They use their magic decoder rings to shake hands, agree on the security protocols, prove that they are who they say they are, and finally set up a one-time secret code for the session.  (Really, this is what happens).    

The end result is that you should see “https” at the beginning of the URL and the lock symbol at the bottom of the page.

Internet Explorer users will see something like this:

Mozilla users will see this:

In fact if you do not see both the https and the lock, you may have been led to a fraudulent site.  Best practice and common sense would dictate that you close the browser, re-open it, and try again.  

I’ll say it again: look for the lock.  If you don’t see it, RUN AWAY!

Next time: Symmetric encryption

start_blog_img