By Laurie Robb · August 20, 2025
Data encryption is a fundamental component of data security that uses algorithms to transform data into an unreadable format, called "ciphertext," which can be accessed only with the correct decryption key. This process is crucial for protecting sensitive information from unauthorized access, modification, disclosure, or theft across various endpoints, removable media, networks, and the cloud.
Data encryption is essential for any organization, as it addresses a variety of modern cybersecurity challenges:
Data encryption operates by applying algorithms to data in different states of its lifecycle:
Symmetric Cryptography. This utilizes a cryptographic algorithm that employs the same secret key to both encrypt and decrypt data. For example, the Advanced Encryption Standard (AES) algorithm uses a single key to scramble a message, and then unscrambles it, ensuring that only someone with that specific key can access the content.
Asymmetric Cryptography. This uses a pair of keys to secure data. A public key is used to encrypt a message or create a digital signature. A different, secret private key is used to decrypt the message or verify the signature. Examples of asymmetric encryption include RSA and ECC.
The cybersecurity landscape is on the verge of a significant change due to advances in quantum computing, which pose a threat to current encryption standards. This has led to the emergence of post-quantum cryptography (PQC) as a vital area of focus for organizations.
The term "Q-Day" refers to the time when a quantum computer will be powerful enough to break today's standard encryption. While the exact timing is uncertain, security professionals believe it could happen within a decade or sooner.
This has given rise to the threat of "harvest now, decrypt later" (HNDL) attacks, where adversaries collect encrypted sensitive data today to decrypt it once powerful quantum computers become available. According to a recent survey, a significant majority of organizations, around 65%, are concerned about this threat.
The two main quantum algorithms that threaten current cryptography are:
To counter these threats, the industry is shifting to new families of mathematical problems that are difficult for both classical and quantum computers to solve. A leading approach is "lattice-based cryptography."
NIST is leading the standardization effort and has selected new algorithms such as CRYSTALS-Kyber for key establishment and CRYSTALS-Dilithium for digital signatures.
The ability to efficiently update cryptographic algorithms without significant disruption, known as cryptographic agility or crypto agility, is crucial for this transition. This requires more than just swapping algorithms; it involves a thorough cryptographic inventory and strategic research.
Organizations should ensure they have immediate and long-term resourcing plans to support their transition to crypto agility, with processes and technologies that address this fundamental threat to data security.
Trellix provides a comprehensive approach to data encryption that is managed through a centralized ePolicy Orchestrator (ePO) platform. This platform allows for the easy deployment and administration of encryption policies across endpoints and removable media.
Trellix offers a suite of encryption products that can be used individually or combined to provide comprehensive data protection:
By implementing a robust data encryption strategy, organizations can effectively protect their data, meet compliance requirements, and reduce the risks associated with data breaches and insider threats.
Trellix Drive Encryption safeguards data and devices from unauthorized access.
Get protection that meets government and industry standards and ensures that files are encrypted when transferred to removable media or sent via email.
Learn how a multilayered data encryption strategy protects sensitive data and helps prevent catastrophic leaks.
Laurie Robb leads Product Marketing for Trellix Data Security. Her product lines include Data Loss Prevention, Data Encryption, and Database Security. She has more than two decades of marketing communications experience with specialities in corporate technology, SaaS software, and cybersecurity solutions.