What is encryption and how does it protect your data?


Encryption is the process that scrambles readable text so it can only be read by the person who has the secret code, or decryption key. It helps provide data security for sensitive information.

Encryption is an important privacy tool when you are sending sensitive, confidential, or personal information across the Internet.

Encryption scrambles plain text into a type of secret code that hackers, cybercriminals, and other online snoops can't read, even if they intercept it before it reaches its intended recipients. When the message does get to its  recipients, they have their own key to unscramble the information back into plain, readable text. 

Encryption, then, can help protect the data you send, receive and store using a device. That can include text  messages stored on your smartphone, running logs saved on your fitness watch, and banking information sent  through your online account. 

What is encryption? 

Encryption is a process that scrambles readable text so it can only be read by the person who has the secret code,  or decryption key. It helps provide data security for sensitive information. 

Vast amounts of personal information are managed online and stored in the cloud or on servers with an ongoing connection to the web. It’s nearly impossible to do business of any kind without your personal data ending up in an organization’s networked computer system, which is why it’s important to know how to help keep that data  private. 

Encryption plays an essential role in this task. 

How does encryption work? 

Encryption takes plain text, like a text message or email, and scrambles it into an unreadable format — called “cipher text.” This helps protect the confidentiality of digital data either stored on computer systems or transmitted  through a network like the Internet. 

When the intended recipient accesses the message, the information is translated back to its original form. This is called decryption. 

To unlock the message, both the sender and the recipient have to use a “secret” encryption key — a collection of algorithms that scramble and unscramble data back to a readable format. 

What are the two main types of encryption systems? 

An encryption key is a series of numbers used to encrypt and decrypt data. Encryption keys are created with algorithms. Each key is random and unique. 

There are two main types of encryption systems: symmetric encryption and asymmetric encryption. Here’s how  they’re different.        

  • Symmetric encryption uses a single password to encrypt and decrypt data.        
  • Asymmetric encryption uses two keys for encryption and decryption. A public key, which is shared among users, encrypts the data. A private key, which is not shared, decrypts the data. 

What is an encryption algorithm? 

An encryption algorithm is the set of rules, usually governing a computer or other tech device such as a smart phone, that turns readable data into scrambled cipher text. 

The data scrambled by these algorithms look like randomized code. But the algorithms configure this scrambled  data in a purposeful way so that it can easily be turned back into a readable format by a decryption key. 

What are the types of encryption algorithms? 

There are several types of encryption, some stronger than others. Here are the most common examples of encryption. 

Data Encryption Standard (DES)

Data Encryption Standard is considered a low-level encryption standard. The U.S. government established the standard in 1977. Because of advances in technology and decreases in the cost of hardware, DES is essentially obsolete for protecting sensitive data. 

Triple DES

Triple DES runs DES encryption three times. It encrypts, decrypts and encrypts data — thus, “triple.” It strengthens  the original DES standard, which is now viewed by security experts as being too weak for sensitive data.


RSA takes its name from the familial initials of three computer scientists. It uses a strong and popular algorithm for encryption. RSA is popular because of its key length and, therefore, widely used for secure data transmission. 

Advanced Encryption Standard (AES)

Advanced Encryption Standard is the U.S. government standard as of 2002. AES is used worldwide. 


TwoFish is considered one of the fastest encryption algorithms and is free for anyone to use. It’s used in hardware and software.  

How does encryption keep the Internet secure? 

Most legitimate websites use the encryption protection called “secure sockets layer” (SSL), which is a form of encrypting data that is sent to and from a website. This keeps attackers from accessing that data while it is in transit. 

Want to make sure a site is using this technology? Look for the padlock icon in the URL bar, and the “s” in the “https://”. If you see these signs, you'll know that you are conducting secure, encrypted transactions online. 

It’s a good idea to access sites using SSL when: 

  • You store or send sensitive data online. If you use the internet to carry out tasks such as filing your taxes,  making purchases, renewing your driver’s license, or conducting any other personal business, visiting sites using SSL is a good idea.
  • Your work requires it. Your workplace may have encryption protocols, or it may be subject to regulations  that require encryption. In these cases, encryption is a must. 

Why does encryption matter? 

Why is encryption important? Here are three reasons: 

1. Internet privacy concerns are real

Encryption helps protect your online privacy by turning personal information into “for your eyes only” messages intended only for the parties that need them — and no one else. 

You should make sure that your emails are being sent over an encrypted connection, or that you are encrypting each message. 

Most email clients come with the option for encryption in their Settings menu. If you check your email with a web  browser, take a moment to ensure that SSL encryption is available. 

2. Hacking is big business 

Cybercrime is a global business, often run by multinational outfits. 

Many of the large-scale data breaches that you may have heard about in the news demonstrate that  cybercriminals are often out to steal personal information for financial gain. 

3. Regulations demand it 

The Health Insurance Portability and Accountability Act (HIPAA) requires healthcare providers to implement  security features that help protect patients’ sensitive health information online. 

Institutions of higher learning must take similar steps under the Family Education Rights and Privacy Act (FERPA)  to protect student records. 

Retailers must contend with the Fair Credit Practices Act (FCPA) and similar laws that help protect consumers. 

Encryption helps businesses stay compliant with regulatory requirements and standards. It also helps protect the  valuable data of their customers. 

Can scammers use encryption to commit cybercrimes? 

Encryption is designed to protect your data, but encryption can also be used against you.

Targeted ransomware is a cybercrime that can impact organizations of all sizes, including government offices.  Ransomware can also target individual computer users.

How do ransomware attacks occur? Attackers deploy ransomware to encrypt the various devices, including  computers and servers, of victims. The attackers often demand a ransom before they will provide a key to decrypt  the encrypted data. The goal is to persuade victims to pay out as a way to recover access to their important files,  data, video and images.

Ransomware attacks against government agencies can shut down services, making it hard to get a permit, obtain  a marriage license, or pay a tax bill, for instance.

Ransomware attacks aimed at large organizations and government agencies tend to generate the biggest headlines. But ransomware attacks can also happen to you.

How can you protect yourself against ransomware?

Here are some tips to help protect your devices against ransomware attacks and the risk of having your data encrypted and inaccessible.

  • Install and use trusted security software on all your devices, including your mobile phone. Keep your security  software up to date. It can help protect your devices against cyberattacks.
  • Update your operating system and other software. This can patch security vulnerabilities.
  • Avoid reflexively opening email attachments. Why? Email is one of the principal methods for delivering ransomware. 
  • Be wary of any email attachment that advises you to enable macros to view its content. If you enable  macros, macro malware can infect multiple files. 
  • Back up your data to an external hard drive. If you’re the victim of a ransomware attack, you’ll likely be  able to restore your files once the malware has been cleaned up.
  • Consider using cloud services. This can help mitigate a ransomware infection, since many cloud services  retain previous versions of files, allowing you to “roll back” to the unencrypted form.
  • Don’t pay the ransom. You could pay a ransom in hopes of getting your files back — but you might not get  them back. There’s no guarantee the cybercriminal will release your data.

Encryption is essential to help protect your sensitive personal information. But in the case of ransomware attacks,  it can be used against you. It’s smart to take steps to help you gain the benefits and avoid the harm.

What is encryption used for?

It’s important to encrypt the messages, files and data that you send whenever they are personal, sensitive or classified. You don’t want hackers intercepting your emails to your doctor if you are sending information about an illness. You don’t want criminals to ccess your financial information after you log into your online bank account. And you don’t want scammers to snag that confidential report you are reviewing for your employer. It’s important to encrypt all this data to keep it secret.

What is the strongest encryption method?

There are several encryption methods that are considered effective. Advanced Encryption Standard, better known as AES, though, is a popular choice among those who want to protect their data and messages. This form of encryption has been the U.S. government standard as of 2002. AES is used worldwide.

More than 50 million customers trust Norton with their personal information.

Your partner against cyber threats. Norton 360™ with LifeLock™, all-in-one protection against evolving threats to your connected devices, online privacy and identity.

Try Norton 360 with LifeLock. Post, bank and shop from your device. We’ll keep it secure.

Dan Rafter
  • Dan Rafter
  • Freelance writer
Dan Rafter is a freelance writer who covers tech, finance, and real estate. His work has appeared in the Washington Post, Chicago Tribune, and Fox Business.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.