Data Encryption – Your Key to Protecting Digital Information

Protecting stored data is every bit as important as protecting computer access or online accounts. What’s the best way for ministries to safeguard all the information they need to access, such as giving records, member lists, employee records, or finance reports? Should you keep it on your computer? Save it to a flash drive? We spoke with Matt Cohee, network security analyst with Brotherhood Mutual, and he offered some best practices for safeguarding your stored digital information.

Scramble Your Files with Data Encryption

Data encryption is a way to protect digital information from unauthorized use. It essentially scrambles your stored information, making it useless to hackers and thieves. It works by requiring a username and password, often called a key, to access and unscramble the information into its original format. This is different than typical password protection, which requires a username and password to access the information. For example, without a key, an encrypted spreadsheet of your ministry’s members would appear as random letters, numbers, and symbols.

When choosing encryption software or hardware, Cohee recommends looking for AES 256 encryption, which is currently the highest standard for data security. “Using AES 256 encryption is like locking both the deadbolt and the handle on a door. Lesser encryption standards are more like just closing the door, which makes it very easy to break in,” explained Cohee.

Storing Data on Your Computer

If you store sensitive ministry information on your computer’s hard drive, it’s a good idea to protect it with encryption software, which requires a username and password to access specific files. Think about your ministry’s most sensitive data, such as financial reports. Encryption software allows you to protect those files so no one without a key can read them.

“Encryption software should be sufficient for most ministries,” said Cohee. It can be installed on each user’s computer so encrypted files can be shared between users. To take it a step further, some encryption software offers optional full disc encryption. This scrambles all the data on a computer’s hard drive, instead of individual files. If a ministry computer were ever lost or stolen, full disc encryption protects everything on the computer’s hard drive.

Storing Data off Your Computer

Once you’ve protected the sensitive data on your computer’s hard drive, it’s time to think about how to safely store and share information elsewhere. There are many options, such as flash drives, external hard drives, cloud storage, or network storage.  

For smaller ministries with a few employees, Cohee advises that an external hard drive makes sense, especially when considering the relatively low cost. “The downside is that only one person at a time can access the drive,” he said. The same holds true for flash drives, although their small size is convenient for transferring files from one computer to another. A potential downside is that small drives can get lost, stolen, or damaged if exposed to heat or water. For critical organizational information, such as tax records, you may want to keep a back-up copy stored off site on a second drive.

If you have a team of people that needs simultaneous access to data, cloud storage is a great option. “Cloud storage enables quick access to data, even when not in the ministry building. This is especially helpful for groups like finance teams,” offered Cohee. He cautions that cloud storage isn’t always encrypted, so make sure you’re choosing a well-known provider that offers encryption. “Each user will still want to use a strong username and password, as well as two-factor authentication, when working with cloud storage,” he added. Two-factor authentication requires users to have a password and an additional method of verification, such as a pin number, texted to a smartphone, before they can gain access to an account.

Network-attached storage, or NAS, is another option for file access while working on-site. This type of storage is less expensive and easier to set up than traditional networked storage. Just remember, no matter what type of file storage you use, make sure it’s protected with AES 256 encryption.

Stay Vigilant

There are certain steps users should take to maximize the security of their encrypted data. Cohee reminds users to take the following steps when using any type of encrypted storage:

• Make sure the encryption type is robust - AES 256 is the current gold-standard
• Choose a long password – sentences work well
• Use a unique password – one that isn’t used elsewhere
• Use two-factor authentication

“Regardless of the type of storage your ministry chooses to implement, safeguarding the data with encryption should be your priority,” Cohee advised.

For more information about protecting your ministry’s personal data and online accounts, read the Online Safety Library article Defeating Cyber Criminals Before They Break In for effective ways to prevent cyber theft, malware, or social engineering.

Posted July 14, 2021

The information provided in this article is intended to be helpful, but it does not constitute legal advice and is not a substitute for the advice from a licensed attorney in your area. We strongly encourage you to regularly consult with a local attorney as part of your risk management program.