These days, when it seems like we read about some new hack or data breach every few months (each one bigger than the last), encryption is becoming more important than ever.
What is Document Encryption?
Encryption is the process of encoding a document or data so that only individuals with access to a secret key, password, or token can open and decrypt (make readable) the information. It protects digital materials in transit, at rest, and in storage from access by unauthorized users and is one of the most effective ways to ensure data and document security.
Why Encrypt Documents?
While encryption doesn’t guarantee protection, it does add a layer of security that makes it more difficult for hackers to use the stolen data. That’s why professional scanning services take extra measures to encrypt all of their clients’ digital documents and data at multiple steps throughout the production and delivery processes.
These types of security steps include:
- Encrypting data while it’s being processed or stored on servers and scanning stations
- Encrypting data burned onto digital media, such as a CD, DVD, or hard drive, or sent over the internet via secure File Transfer Protocol (SFTP)
- Sending encrypted emails that ensure data can only be accessed after providing credentials on a secure email server
- Using document management software, such as OpenText™ AppEnhancer and MetaStor®, which has encryption settings to keep data more secure while being stored, accessed, and shared, even remotely
Why Encryption Matters: Data Breach Example(s)
Yahoo’s huge data breach highlights the need for encrypted data. In 2016, Yahoo announced that one billion users’ account information had been hacked three years prior in what became known as the largest data breach in history. In 2017, they corrected themselves, updating their previous statement to reflect that not one but three billion accounts were affected by that breach – a number which comprises every single Yahoo account that existed at the time of the breach.
So how did such a huge data breach happen? It was a targeted phishing attack on Yahoo employees that allowed hackers to gain access to Yahoo’s user database and steal personal information including hashed passwords. Had Yahoo been using an up-to-date password hashing technique, the passwords wouldn’t have been useful to the hackers, but the hashing technique the company used at the time was outdated and easily unscrambled. Now imagine the implications if hospitals didn’t use encryption along with their medical records scanning, let alone banks or government entities.
Failing to encrypt stored data is a common mistake in many industries because encrypted data is harder to use – many companies trying to strike a balance between usability and security tend to lean toward usability. The Yahoo breach underscores the importance of keeping data encrypted from end to end, including during storage where it can often be most susceptible to cyber criminals.
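To illustrate why an outdated password hash is "easily unscrambled" while a current one is not, here is an added example (not from the original article and not Yahoo's code) that stores the same constructed accounts both ways. The article does not name the algorithms involved; unsalted MD5, PBKDF2-HMAC-SHA256, the iteration count, and every user name and password below are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

def legacy_hash(password):
    """Outdated style: one pass of a fast hash, no salt (MD5 as a stand-in)."""
    return hashlib.md5(password.encode()).hexdigest()

def modern_hash(password, salt=None):
    """Salted, deliberately slow derivation. Returns (salt, derived_key)."""
    if salt is None:
        salt = os.urandom(16)  # unique random salt per account
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key

def verify(password, salt, expected_key):
    """Recompute with the stored salt and compare in constant time."""
    _, key = modern_hash(password, salt)
    return hmac.compare_digest(key, expected_key)

def recovered_from_legacy(stolen, common_words):
    """Match unsalted digests against a table of common passwords.
    The table is computed once and works for every account in the dump."""
    table = {legacy_hash(w): w for w in common_words}
    return {user: table[d] for user, d in stolen.items() if d in table}

# Constructed sample data, not real accounts.
SAMPLE_USERS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "T7#qvLx92!pw"}
COMMON_WORDS = ["password", "123456", "sunshine1"]

def build_stores():
    """Store the same accounts under both schemes for comparison."""
    legacy_db = {u: legacy_hash(p) for u, p in SAMPLE_USERS.items()}
    modern_db = {u: modern_hash(p) for u, p in SAMPLE_USERS.items()}
    return legacy_db, modern_db

if __name__ == "__main__":
    legacy_db, modern_db = build_stores()
    # Same password gives the same legacy digest, so one lookup exposes both users.
    print("legacy digests equal:", legacy_db["alice"] == legacy_db["bob"])
    print("recovered from legacy dump:", recovered_from_legacy(legacy_db, COMMON_WORDS))
    # Per-account salts make the stored keys differ even for identical passwords.
    print("modern keys equal:", modern_db["alice"][1] == modern_db["bob"][1])
    print("login still verifies:", verify("sunshine1", *modern_db["alice"]))
```

With per-account salts, a single precomputed table no longer applies to the whole database, and the iteration count makes each individual guess expensive.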
Ensuring Your Documents Are Encrypted
The best way to determine if a document scanning company is following defined rules and processes to protect your documents and data, including encrypting them, is to work with a SOC 2 Type 2 scanning company.
What is the SOC 2 Type 2 Report?
A SOC 2 Type 2 Report is a third-party audit certifying that a company has met the requirements in one or more of the five trust principles. Curious about how SOC 2 Type 2 trust principles protect your data? Here’s a look at the two principles that are most relevant to data protection:
A company which meets the confidentiality trust principle commits to protecting all information designated as confidential. All customer data and documents are defined as sensitive information. Encryption and other policies are in place to address protection requirements, access rights and access restriction, as well as retention and destruction procedures.
This is particularly important for firms that deal with highly sensitive data, such as personal information and health records protected under HIPAA.
A company which meets the security trust principle has a system that is fully protected against unauthorized access, both physical and logical. The most secure document scanning facilities should have restricted facility access, 24/7 physical access and alarm monitoring, key card access and tracking, hourly off-site data backups, and comprehensive disaster recovery plans.