6 myths about data encryption

Article

Encryption may seem like a scary process, but can you really afford to have unsecured data?

Data breaches are in the headlines almost every day, yet only a small percentage of cyber attacks target the big organizations like Sony, Anthem or the U.S. government. If you’re a small- or mid-sized business (SMB), like a dental practice, your data is under attack too. 

More than 700 million records were compromised in 2014, and 53 percent of confirmed data loss incidents are in organizations of less than 1,000 users, according to a report by Verizon. No business or institution anywhere in the world is immune to data theft, regardless of geography, size or industry. 

So much of IT security is focused on protecting physical things - servers, desktops and laptops, mobile devices - but dental offices should think more about how to protect the valuable data on those computers. With the proliferation of data and the need to access data from anywhere at any time, encryption is rapidly emerging as the best place to start your security strategy. 

Despite the cold, hard facts of data breaches and accidental data loss, practices are slow to adopt encryption. Why? In part, it’s because encryption has long been shrouded in myths.

Related reading: 9 ways to avoid cyber attacks

Myth: Only businesses that have compliance requirements where encryption is mandated by law need to use encryption. 

Truth: For any type of organization, data has value and needs to be protected. That may be customer information (names, emails, credit card information), internal finance or competitive information, employee information, intellectual property and more. Simply put, data is currency - it has value and should be protected as such. Companies should always encrypt sensitive data, whether  legally obligated or not. Of course, HIPAA requires encryption, so it’s sort of a moot point!

Myth: Encryption is too complicated and requires too many resources. 

Truth: Data encryption can be very simple to implement and manage. The key is to understand the types of data you need to encrypt, where it lives and who should have access to it. Plus, if you choose full-disk encryption, it becomes even easier for everyone to secure their data on a daily basis. 

Myth: Encryption will kill database and application performance. 

Truth: Performance of applications, databases, servers and networks is a top priority of IT and end users. When designed and implemented properly, encryption can not only protect the critical data running through those systems, but its presence can have minimal impact on performance that’s imperceptible to users. 

More from the author: 8 ways to keep your practice HIPAA compliant

Myth: Encryption doesn’t make data stored in the cloud more secure. 

Truth: Storing encrypted data in the cloud is more secure than storing non-encrypted data in the cloud. Do you know where cloud data is stored? Who truly has access to it? The answers to these questions underscore the reason that all data that’s sent to the cloud should be encrypted, with the encryption keys controlled by you.

Myth: Encrypting data is more important than key management. 

Truth: Encryption without careful key management is pointless. Too many organizations fail to manage their encryption keys, either storing them on the same server as the encrypted data or allowing a cloud provider to manage them. You wouldn’t want to lock your car and leave the keys in the door. 

Myth: If your data is encrypted, it can’t be stolen. 

Truth: Encryption doesn’t stop data loss or theft, but it does keep data safe by making it unreadable and unusable. Choose an encryption solution that provides proof that your data was indeed encrypted.

Dental offices should consider encryption of any and all devices that contain patient data - it’s your only “Get-Out-Of-Jail-Free card” if you ever suffer a breach.

 

Recent Videos
GNYDM24 Product Focus: Michele Gabriel of DDSmatch stops by the DPR booth at the Javits Center in New York.
GNYDM24 Product Focus: Debra Engelhardt-Nash talks about how Weave's systems can help with increasing patient acceptance and with practices getting paid.
At DS World 24, Max Milz, Dentsply Sirona VP, Connected Technology Solutions, talks about the company's new Primescan 2 intraoral scanning solution and how it fits in with a variety of digital dentistry workflows.
At Dentsply Sirona World 2024, Henry Schein's Matt Kunzler talks about the brand new innovations from Dentsply Sirona, including Primescan 2, a first of its kind cloud native scanner, as well as Henry Schein's flex financing solutions.
Mastermind Episode 33 – Charting the Course for the Future of Dentistry
2024 Chicago Dental Society Midwinter Meeting – Interview with Peter Maroon, business development and sales lead at Spectrum Solutions® on the new salivary diagnostic test, SimplyPERIO.
CDS 2024: What's New at TAG University? with Andrew De la Rosa, DMD
CDS 2024: Breaking Down Barriers to Care with Eric Kukucka, DD
© 2024 MJH Life Sciences

All rights reserved.