Network security
Kia haumaru te raraunga pakihi ki te whakamuna

Keep business data safe with encryption

Your organisation might use a website to collect data from customers, or you might store important data in databases. To keep that data safe, you'll need to encrypt it – when it's collected and when it's being stored.

What it is

Encryption is a method of converting data from human readable form into a secret code.

How it works

There are two kinds of encryption for business data.

Encryption in transit, for data collection

Encrypting data when you collect it is called encryption 'in transit'.

The most common need for encryption in transit is when you collect data from your customers through your website. You'll need to configure a certificate and key (also called asymmetric keys) so that your website uses HTTPS.

Benefits of using https across your website

Encryption at rest, for data storage

You need to consider encryption at rest everywhere you store data that's important and sensitive to your business, including:

  • customer data
  • third party data
  • intellectual property
  • internal data, and
  • backup data.

Common places to configure encryption at rest are on your devices, servers and databases.

Why it matters

Using encryption protects the data you collect and store so that only your organisation has access to it. If your employee lost their device, or the hard drive you use for backups was stolen, the data couldn’t be accessed without your encryption key.

Encrypting your customers' data also builds trust. Data and privacy breaches are on the rise, and customers are starting to set higher expectations for the companies they share data with. Before buying from you, savvy customers will check:

  • your external security or privacy policy for details around how you encrypt and protect their data
  • you're using HTTPS on your website.

Create an online security policy for your business

How to protect your business

  • Identify how you collect and store data

    To begin with, identify the different ways that you collect or store data. These are all the places where you will need to configure encryption. This list is likely to include your:

    • website
    • employees’ laptops and mobile phones
    • office
    • organisation’s servers and databases.
  • Configure encryption on your devices, servers and databases

    Most devices have features that allow you to easily configure encryption and set your own key. 

    To add encryption to your website, you will need to generate a digital certificate and key. HTTPS certificates can also be generated for free using services like Let’s Encrypt.

    Benefits of using HTTPS across your website

Get help

Technology vendors often have helpful guides on how to configure encryption, or you can ask for help from your technical support staff.

Choosing an IT service provider