You may have seen the term “256-bit encryption” floating around, and had no idea what it meant. If that’s the case, then you’re in good company–encryption is a complex subject for most people, and most explanations don’t make for light reading. In today’s blog, we’ll try to boil it down into the most commonly asked questions we receive, so that you can understand why 256-bit encryption is used by banks, governments, and militaries across the world. And, of course, since this is a practice management blog, we’ll also explain why today’s CPAs should only be exchanging client information via a secure client portal.
What is computer encryption?
To put a very long matter short, computer encryption protects digital information from unauthorized access by converting data into an unreadable code. Only people with access to a decryption key can read it. Encrypted data is commonly referred to as cipher text, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations around the world.
How safe is 256-bit encryption?
“256-bit” refers to the length of the encryption key used to encrypt a data stream or file. A hacker will require 2256 different combinations to break a 256-bit encrypted message. Since this is virtually impossible for even the fastest computers, this level of encryption is quite safe.
What is 256-bit encryption used for?
256-bit encryption is typically used for in-transit data, or data that travels over a network or Internet connection. However, it is also implemented for sensitive and important data like financial documents, tax information, and legal records, as well as military or government-owned data. In fact, the U.S. government requires that all sensitive and important data be encrypted using 192- or 256-bit encryption methods.
How long would it take to break a 256-bit encryption?
The answer to this question is controversial, as various hypothetical factors affect the calculation. One Reddit user calculated that it would take more than one thousand Tianhe-2 supercomputers—the fastest supercomputer currently in existence—running for 9.1732631e50 years (note the “e”) to break a 256-bit encryption by brute force.
The same user noted that the universe itself it thought to have existed for 14 billion (1.4e10) years. It would therefore take ~6.7e40 times longer than the age of the universe to exhaust half of the keyspace of a AES-256 key.
So, in other words, a very long time.
In this day and age, it’s essential for every accounting firm—as well as any other organization that stores confidential client information—to secure client information from hacking attempts. If you are trading personal data via email or other unsecured channels, and that information is compromised by a hacker, your firm could face litigation and fines.
And these penalties are no mere slap on the wrist—the upcoming California Consumer Privacy Act, for instance, will allow the state to fine companies up to $7,000 per incident. That means that if you have 500 clients, you would have to pay $3.5 million in fines alone—enough to devastate most small businesses.
Protect Your Clients’ Data with ImagineTime’s Secure Client Portal
To prevent the above scenario from happening, it’s essential to invest in project management software that can adequately protect your client data. ImagineTime’s secure client portal does just that with 256-bit bank-level encryption (which, as we’ve established, is pretty darn secure.) Click here to learn how a client portal can protect your firm from security breaches and help it run more efficiently than ever.