Encrypting Data

Time: 12 hours 57 minutes
Difficulty: Intermediate
CEU/CPE: 13
Video Transcription
00:00
>> Now we're going to talk about Encrypting Data.
00:00
Encryption is really our fundamental security tool
00:00
in the Cloud for protecting data.
00:00
We're going to save some of the terminology,
00:00
but they do encryption and data processing.
00:00
Then we're also going to talk about
00:00
the main transportation protocols for encrypting data.
00:00
Then also talk about
00:00
encryption related to a particular business case.
00:00
Before we go any further,
00:00
encryption really refers to
00:00
the cryptographic process of
00:00
rendering plain text information unreadable.
00:00
Typically through the application of subjecting that data
00:00
to some algorithm that renders it unreadable.
00:00
The only way to render it back to
00:00
clear text is through the use of
00:00
a decryption key and we're
00:00
going to talk a little more about that going forward.
00:00
Let's talk about the encryption stages and methods.
00:00
We've already talked about data in transit,
00:00
data in storage and data in process.
00:00
Well, we can apply encryption
00:00
against data in all those various states.
00:00
Encryption at rest is one of the main things that
00:00
we want to apply it in Cloud environments,
00:00
because remember,
00:00
oftentimes we use Cloud environments for
00:00
storage to store data out there,
00:00
to create databases out there,
00:00
to have our files out there.
00:00
It's really important to pick
00:00
an appropriate encryption scheme
00:00
to keep that information safe.
00:00
Especially if you're in
00:00
a multi-tenant environment where there are
00:00
other people's data that's on the same physical hardware.
00:00
There are two real main methods that are
00:00
discussed in this certification.
00:00
There's whole instance encryption,
00:00
that's where the entire piece of hardware is
00:00
encrypted and there isn't
00:00
much delineation between individual files.
00:00
Everything's encrypted.
00:00
This is also a strategy that's
00:00
typically applied to workstations such
00:00
as laptops and organizations
00:00
that handle sensitive data so if
00:00
that piece of hardware were stolen,
00:00
the thief would never be able to, well,
00:00
hopefully never be able to decrypt
00:00
it and read the information on it.
00:00
The second is volume encryption.
00:00
Volume encryption really is
00:00
about encrypting a particular volume of data,
00:00
meaning a certain set of files or
00:00
information on that piece of hardware.
00:00
Volume encryption is very important in
00:00
the Cloud because it's used to protect
00:00
one organization's data within
00:00
a multi-tenant environment and
00:00
ensure that it stays
00:00
confidential and that's another important point.
00:00
Encryption really ensures confidentiality
00:00
of data that only those
00:00
with the decryption key and the right access are
00:00
able to decrypt and view that information.
00:00
Moving on to data in transit.
00:00
When I was transferring that data from
00:00
our own premise environment to the Cloud or to
00:00
any allowing other organizations to access
00:00
the Cloud or even
00:00
accessing things through trusted services,
00:00
we use encryption in transit.
00:00
Transport layer secure, referred to as TLS,
00:00
is the main encryption protocol
00:00
that's used to securely encrypt data in transit.
00:00
The protocol that came before that
00:00
Secure Sockets Layer really was one of
00:00
the foundational encryption in
00:00
transit protocols on the internet,
00:00
that was deprecated in 2015.
00:00
It's no longer considered safe and secure.
00:00
TLS is really the standard,
00:00
and there are also continual
00:00
version updates of TLS that you need to be aware
00:00
of when implementing it as
00:00
a transport security encryption protocol.
00:00
Then there is an encryption of process.
00:00
There really is one process.
00:00
There's really this term for
00:00
homomorphic encryption refers to
00:00
data that is encrypted but can actually be processed.
00:00
Typically data has to be decrypted
00:00
and then process can be run out.
00:00
But in a homomorphic encryption scheme,
00:00
that data can actually be analyzed
00:00
or processed in an application
00:00
while in an encrypted state.
00:00
A very important aspect of this exam is what
00:00
encryption protocol is really the current standard?
00:00
The current standard is Advanced Encryption Standard 256,
00:00
that's often referred to as AES 256.
00:00
This is the encryption standard that's considered
00:00
secure and appropriate for encrypting all information.
00:00
We'll get more into how attackers try to break
00:00
encryption schemes but it has the current level of
00:00
algorithmic complexity that is
00:00
considered the safe and secure standard against
00:00
most methods for breaking
00:00
decryption or decrypting encryption algorithms.
00:00
Quiz question. Which term refers to the process of
00:00
performing calculations on data while still encrypted?
00:00
Homomorphic, holographic or Meta cryptic.
00:00
If you said homomorphic, you're correct.
00:00
That refers to performing calculations
00:00
or processing data while
00:00
it's still in an encrypted state.
00:00
In this lesson we've talked about
00:00
when encryption is deployed in the data life cycle.
00:00
We talked about it in storage and transit and in process.
00:00
We talked about the different encryption
00:00
methods for data at rest,
00:00
volume versus whole instance encryption.
00:00
Then we also talked about
00:00
encryption protocols for data in
00:00
process, as well as transit.
00:00
We talked about TLS as well
00:00
as the homomorphic encryption.
00:00
Now we're going to talk
00:00
about some more granular aspects of
00:00
how this key that's used to
00:00
decrypt the encryption algorithm,
00:00
how those are managed and kept safe.
00:00
>> I'll see you in the next lesson.