To IT professionals, using encryption for sensitive data is common sense. But organizations often don’t implement the technology, in part because users and decision makers still believe these myths about data encryption:
- Password-protecting the computer is good enough – Most PCs used for work, especially laptops, will require a user to sign in with a password. Users may believe that’s enough protection. But if a laptop is lost or stolen, a criminal can easily remove the hard drive and put it in another machine to access the data — unless it’s encrypted.
- Encryption slows performance and reduces productivity – Many people believe this because they don’t fully understand what encryption is or realize that they use it all the time — for example, when they buy things online.
- OS-based encryption is good enough – Microsoft Windows has encryption built in to some OS versions. However, some security experts point out that, like other MS software, those encryption tools can contain vulnerabilities that can be exploited if they’re not patched.
If you’re trying to get support for adopting new encryption tools — and getting users to follow encrypting practices — explaining to users and management why those myths are false can be a big help.
To learn more about common encryption myths, download this white paper from security vendor WinMagic.