We’ve all heard about the rash of identity thefts which are made that much easier with the advent of the Internet and the access we all have to information these days. Maybe you even know someone who’s been a victim of this crime (I do), and the maddening process to untangle yourself from someone who’s using your identity for ill-gotten gain.
My company, Snowbound Software is in the business of document viewing and conversion, so as you can imagine, the security of the content in documents accessed by our applications is of extreme importance to our many customers. And while this information needs to be secure, it also needs to be easily accessible to those who are authorized, a double-edged sword at times.
As I write this, I received an email from Health Data Management talking about two security breaches into healthcare database repositories, one via email login and the other via direct server breach. So what can be done to try and safeguard our personal and business information, and therefore protect ourselves (as best we can) against these types of attacks? Data encryption is one of the ‘keys’, if you’ll pardon the pun…
Data encryption refers to mathematical calculations and algorithms that are used to transform plain text into cipher text – unreadable to unauthorized parties. Each encryption system uses a ‘key’ (password) which is shared between the sender and the recipient. This key has the ability to encrypt and decrypt the data. A recipient of an encrypted message uses their ‘key’ to decode encrypted cipher text back into readable plain text.
Prior to the widespread use of the Internet, data encryption was seldom used by the general public, and was more of a military security and communications tool. The growth of online transactions such as banking and shopping has made people more aware of the need for data safeguards. Web browsers automatically encrypt text when making secure server connections (look for the https and padlock designations when shopping online) to thwart intruders.
Snowbound Software takes data security very seriously, as many of our clients are in the banking, legal, government, and healthcare industries – where the security and integrity of information is paramount. Snowbound strives to keep current with the latest advances in information technology, with the goal of adhering to advanced data encryption standards.
AES Encryption – the Latest Standard
Advanced Encryption Standard (AES) is the National Institute of Standards and Technology specification for the encryption of electronic data adopted by the US Government. AES was announced after a five-year standardization process in which fifteen competing designs were presented and evaluated before the winning design, called Rijndael, was approved. AES replaces the once commonly used, and now outdated and insecure, Data Encryption Standard (DES) developed in the seventies.
AES algorithm uses one of three ciphers strengths, a 128-, 192- and 256-bit encryption key (password), but can be configured to any multiple of 32 bits with a minimum size of 128 bits. Increasing the key size not only offers a larger number of bits which may be used to encrypt the data, but also increases the complexity of the cipher algorithm – for added security.
Clients of Snowbound Software realize the benefits of AES data security through the ability to decrypt and view secure PDF/AES files through our Java and Windows viewing applications and toolkits. Our off-the-shelf software offerings provide most commonly needed functionality, while our flexible software development toolkits (SDKs) give software developers the tools they need to create a tailored solution – for the best integration with other systems, and the ability to build in customized functionality that may more directly meet the needs of the enterprise.
Scott Pasho, Snowbound Software
How can we help you?