Strategies to Safeguard Personally Identifiable Information

AB.

The protection of personally identifiable information (PII) is a critical aspect of data security. There are different strategies used to safeguard PII, and two of them are encryption and hashing.

Encryption refers to the process of converting data into an unreadable format that can only be decrypted with a key or password. Encrypting data in transit refers to securing the data as it travels between different systems or over a network, such as using Transport Layer Security (TLS) or Secure Sockets Layer (SSL) protocols. This strategy ensures that if the data is intercepted during transmission, it cannot be read or used by unauthorized parties.

Encrypting data at rest refers to securing the data when it is stored on a device, such as a hard drive or a server. This can be achieved by encrypting the entire storage device or encrypting specific files and folders. Encryption at rest provides protection against unauthorized access to the data, such as theft of a device or unauthorized access to a server.

Hashing is a process of converting data into a fixed-size string of characters that represents the original data. Hashing is often used to secure passwords, where the actual password is not stored but only its hashed value. When a user enters a password, the system hashes it and compares the hashed value to the stored hash. If they match, the user is granted access. Hashing usernames and passwords for efficient lookup refers to the practice of storing only the hashed values of usernames and passwords to optimize database lookup performance. This strategy can protect PII as long as the hashing algorithm used is strong and not easily reversible.

Based on the above explanation, the correct answers to the question are A. Encrypt data in transit, and C. Encrypt data at rest.