Preparing exam SC – 900 – Microsoft Security, Compliance, and Identity Fundamentals – Explaining concept of data Encryption and Hashing – Part 4

SC-900 - Asymmetric encryption - using pair keys to encrypt and decrypt data
SC-900 - Asymmetric encryption - using pair keys to encrypt and decrypt data

Hi All,

Greetings for the day!!!

We are continuing discussing security related concepts and preparing study material for exam SC – 900 – Microsoft Security, Compliance, and Identity Fundamentals

In last three articles we discussed

In this article we will discuss two more important concepts – Encryption and Hashing

Take away from this article

  • What is Encryption
  • Types of Encryption
  • What is Hashing

These both the techniques – Encryption and Hashing are used to protect our data from cybercriminals

Encryption

  • Encryption is one of the approach to mitigate cybersecurity threats
  • We encrypt the data so that unauthored users / viewers cant read data
  • To read encrypted data we need to decrypt it and it requires secret key
  • Encryption maintain the confidentiality of the data
  • Encrypted data also known as ciphertext
  • Types of encryption
    • Symmetric
    • Asymmetric
  • Symmetric encryption
    • In Symmetric encryption we use the same key to encrypt or decrypt data
SC-900 - Symmetric encryption - using same key to encrypt and decrypt data
fig : SC-900 – Symmetric encryption – using same key to encrypt and decrypt data
  • Asymmetric encryption
    • In Asymmetric encryption we use the pair of keys to encrypt or decrypt data
    • Once we encrypted data to encrypt we need paired key to decrypt data
SC-900 - Asymmetric encryption - using pair keys to encrypt and decrypt data
fig : SC-900 – Asymmetric encryption – using pair keys to encrypt and decrypt data
  • We could encrypt our data at several levels like
    • Encryption for Data at REST
      • We will store encrypted data irrespective where it stored – in database / storage account
      • Data is in unreadable format and to decrypt we need secret key
      • Without encryption keys data wont be decrypted. It will be in unreadable format
      • Example
        • Files which we uploaded in SharePoint Online, OneDrive for business, messages and attachments in MailBox
    • Encryption for Data in Transit
      • Data in Transit means when data is in transfer state
      • Data is being transferred either over Internet or in our private network
      • This can be handled at different layers
      • One approach is encrypting data at application layer before sending it to Network
      • HTTPS is one of the example of encryption in Data in Transit
      • Example
        • Email communication in Microsoft365
        • Conversation in meetings
    • Encryption for Data in Use
      • Securing data when data is processed
      • This means securing data is non-persistent storage like RAM or CPU caches
      • One of the approach is use of technologies like Enclave
  • Example
    • With Microsoft 365, data is encrypted at rest and in transit
    • Using several strong encryption protocols, and technologies which includes Transport Layer Security/Secure Sockets Layer (TLS/SSL), Internet Protocol Security (IPSec), and Advanced Encryption Standard (AES).

Hashing

  • Hashing is the concept of converting plain text to some hash value
  • To convert plain text to hash value, hashing algorithms are used
  • Hashing technology focuses on to maintain the integrity of the data
  • Hashing is used to store passwords
    • Hash is created for stored password using some hash algorithm
    • When user enters password same algorithm is used to create the hash of the entered password
    • If both the hash values are matches the entered password is correct
    • This is the secured way to store the passwords rather storing plain text passwords
  • Some of Hashing Algorithms
    • MD4 / MD5
    • SHA

Thanks for reading the article !!! Please feel free to discuss in case any issues / suggestions / thoughts / questions !!!

HAVE A GREAT TIME AHEAD !!! LIFE IS BEAUTIFUL 🙂

Prasham Sabadra

LIFE IS VERY BEAUTIFUL :) ENJOY THE WHOLE JOURNEY :) Founder of Knowledge Junction and live-beautiful-life.com, Author, Learner, Passionate Techie, avid reader. Certified Professional Workshop Facilitator / Public Speaker. Scrum Foundation Professional certificated. Motivational, Behavioral , Technical speaker. Speaks in various events including SharePoint Saturdays, Boot camps, Collages / Schools, local chapter. Can reach me for Microsoft 365, Azure, DevOps, SharePoint, Teams, Power Platform, JavaScript.

You may also like...

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: