DATA BREACHES are making headlines

There were more data breaches in 2014 than any year on record

The average cost of a data breach is now

$3.8 MILLION

AND SNOWDEN REVEALED GOVERNMENTS HAVE SWEEPING SURVEILLANCE POWERS

Among them, the NSA:

Taps fiber optic cables that carry much of the world’s

Internet traffic

Collects over 200million text messages

each day

Intercepts unencrypted data sent between Google

and Yahoo data centers

YOUR DATA SHOULD BELONG TO THE NSAYOUR DATA SHOULD BELONG TO THE NSA

YOUR DATA SHOULD BELONG TO THE NSA

YOUYOUR DATA SHOULD BELONG TO THE NSA

YOU

Security experts agree

is one of the best ways to protect your data

Edward Snowden

“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”

Millions of people encrypt data on their computers,

but what about when they use apps?

EMAIL IS LIKE A POSTCARD

Anyone who handles

your email in transit can

read it, including your

ISP, a hacker, or the NSA

Here are some secure alternatives

Encrypted so provider can’t read it?

Encrypted in transit?

CryptoCat Silent Text Silent Phone Signal/RedPhone ChatSecure + Orbot

Can you verify contacts’ identities?

Are past communicationssecure if keys stolen?

Is code open to independent review?

Is security designproperly documented?

Has code been audited?

Here are some secure alternatives

Source: Electronic Frontier Foundation, ProPublica, Joseph Bonneau

And when you browse the Internet,people can see the unencrypted data sent to and from a website

JUST 1.9% of the Internet’s top 1 million sites use HTTPS encryption by default

Browser plugins like HTTPS Everywhere can switch to encryption to thwart

surveillance and cyber criminals

Browser plugins like HTTPS Everywhere can switch to encryption to thwart surveillance and cyber criminals

When it comes to the cloud,

of apps encrypt data stored at rest 11%

Some of the biggest names in cloud computing don’t store customer data encrypted

1. Facebook

2. Twitter

3. YouTube

5. Linkedin

6. Gmail

7. eBay

8. Paypal

4. TubeMogul

10. AOL Mail

9. Hotmail

TOP 10MOST POPULAR

APPSthat don’t encrypt data

WHY DOES IT MATTER?

When the government seized Megaupload’s servers, they seized all the data customers had uploaded to the service

When hackers gained access to Slack’s core systems, they stole unencrypted usernames, email addresses, phone numbers, and Skype IDs

When data is stored encrypted, it is

by any third parties who may gain accessnot readable

There are many encryption options available today

There are many encryption options available today

But there is usually a tradeoff between the strength of the encryption and maintaining cloud app functionality

Functionality Preserved (approximate)

En

cryp

tio

n S

tre

ng

th (

ap

pro

xim

ate

)

Regular (Unstructured) Encryption

Selective Encryption

Searchable Encryption - Keyword Extraction

Searchable Encryption - Local Search Tokenization

Searchable Encryption - Word-By-Word

Data Tokenization

Format-Preserving Encryption (FPE)

Order-Preserving Encryption (OPE)

Search By Prefix

Download the Encryption Handbook

DOWNLOAD NOW

(Report Cover)

Learn more about encryption schemes and their relative strengths and weaknesses.

Brought to you by

The Cloud Encryption Handbook:

Alexandra Boldyreva , Ph.D. Computer Science, M.S., B.S. Applied Mathematics

Paul Grubbs, B.S., Mathematics, Computer Science

ENCRYPTION SCHEMES AND THEIR RELATIVE STRENGTHS ANDWEAKNESSES