What is encryption?
Explore IBM's encryption solution Subscribe to Security Topic Updates
Illustration with collage of pictograms of clouds, mobile phone, fingerprint and check mark.
What is encryption?

Data encryption is a way of translating data from plaintext (unencrypted) to ciphertext (encrypted). Users can access encrypted data with an encryption key and decrypted data with a decryption key.

Protecting your data

There are massive amounts of sensitive information managed and stored online in the cloud or on connected servers. Encryption uses cybersecurity to defend against brute-force and cyber-attacks, including malware and ransomware. Data encryption works by securing transmitted digital data on the cloud and computer systems. There are two kinds of digital data, transmitted data or in-flight data and stored digital data or data at rest.

Modern encryption algorithms have replaced the outdated Data Encryption Standard to protect data. These algorithms guard information and fuel security initiatives including integrity, authentication, and non-repudiation. The algorithms first authenticate a message to verify the origin. Next. they check the integrity to verify that contents have remained unchanged. Finally, the non-repudiation initiative stops sends from denying legitimate activity.

IBM Security X-Force Threat Intelligence Index

Gain insights to prepare and respond to cyberattacks with greater speed and effectiveness with the IBM Security X-Force Threat Intelligence Index.

Related content

Register for the Cost of a Data Breach report

Types of data encryption: asymmetric vs symmetric

There are several different encryption methods, each developed with different security and security needs in mind. The two main types of data encryption are asymmetric encryption and symmetric encryption.

Asymmetric encryption methods:

Asymmetric encryption, also known as Public-Key Cryptography, encrypts and decrypts the data using two separate cryptographic asymmetric keys. These two keys are known as a “public key” and a “private key”.

Common asymmetric encryption methods:

  • RSA: RSA, named after computer scientists Ron Rivest, Adi Shamir, and Leonard Adleman, is a popular algorithm used to encrypt data with a public key and decrypt with a private key for secure data transmission.
  • Public key infrastructure (PKI): PKI is a way of governing encryption keys through the issuance and management of digital certificates.


Symmetric encryption methods:

Symmetric encryption is a type of encryption where only one secret symmetric key is used to encrypt the plaintext and decrypt the ciphertext.

Common symmetric encryption methods:

  • Data Encryption Standards (DES): DES is a low-level encryption block cipher algorithm that converts plain text in blocks of 64 bits and converts them to ciphertext using keys of 48 bits. 
  • Triple DES: Triple DES runs DES encryption three different times by encrypting, decrypting, and then encrypting data again.
  • Advanced Encryption Standard (AES): AES is often referred to as the gold standard for data encryption and is used worldwide as the U.S. government standard.
  • Twofish: Twofish is considered one of the fastest encryption algorithms and is free to use.
Explore asymmetric vs symmetric encryption
Benefits of data encryption

With more and more organizations moving to hybrid and multicloud environments, concerns are growing about public cloud security and protecting data across complex environments. Enterprise-wide data encryption and encryption key management can help protect data on-premises and in the cloud.

Cloud service providers (CSPs) may be responsible for the security of the cloud, but customers are responsible for security in the cloud, especially the security of any data. An organization’s sensitive data must be protected, while allowing authorized users to perform their job functions. This protection should not only encrypt data, but also provide robust encryption key management, access control and audit logging capabilities.

Robust data encryption and key management solutions should offer:

  • A centralized management console for data encryption and encryption key policies and configurations
  • Encryption at the file, database and application levels for on-premise and cloud data
  • Role and group-based access controls and audit logging to help address compliance
  • Automated key lifecycle processes for on-premise and cloud encryption keys
Learn about future-proofing data
Effective data encryption
New homomorphic encryption toolkit

IBM© synthesized 11 years of cryptography research into a streamlined fully homomorphic encryption (FHE) toolkit for Mac OS and iOS.

See what’s next
IBM Blockchain Platform 2.5

The newly launched multi-party network called IBM Blockchain Platform 2.5 includes the latest innovations to improve the IBM Blockchain Platform.

Discover the IBM Platform
IBM Z Enhancements

IBM Fibre Channel Endpoint Security for IBM z15™ helps protect data in flight with pervasive encryption and without the costly application changes.

Read the blog
Related Solutions
Data encryption solutions

Protect enterprise data and address regulatory compliance with data-centric security solutions and services

Explore data encryption solutions
Pervasive encryption solutions

Encrypting data with IBM encryption technology will ensure your data is protected, even in the event of a data breach.

Explore pervasive encryption
Protect sensitive data

IBM Data Privacy Passports protects sensitive data and maintains privacy by policy as the data moves from its source across hybrid multiclouds.

Explore IBM Data Privacy Passports
Data encryption and cryptographic services

IBM Cryptographic Services protects and retains full control of your sensitive data.

Explore IBM Cryptographic Services
Enterprise key management

IBM Enterprise Key Management Foundation (EKMF) is a highly secure and flexible key management system for enterprise.

Explore IBM Enterprise Key Management
Data encryption software

Protect your file and database data from misuse with IBM Security Guardium Data Encryption, an integrated suite of products built on a common infrastructure.

Explore Guardium Data Encryption software
Data security solutions

Protect your data, meet privacy regulations, and simplify operational complexity with IBM Cloud Pak for security.

Explore data security solutions
Flash storage solutions

Simplify data and infrastructure management with the unified IBM FlashSystem® platform family, which streamlines administration and operational complexity across on-premises, hybrid cloud, virtualized and containerized environments.

Explore flash storage solutions
Resources IBM Security Framing and Discovery Workshop

Understand your cybersecurity landscape and prioritize initiatives together with senior IBM security architects and consultants in a no-cost, virtual or in-person, 3-hour design thinking session.

Cost of a data breach

The Cost of a Data Breach Report explores financial impacts and security measures that can help your organization avoid a data breach, or in the event of a breach, mitigate costs.

X-Force Threat Intelligence Index

Understand your cyberattack risks with a global view of the threat landscape

Maintaining Data Protection

Learn how to apply encryption to each stage of the data’s lifecycle for all of your digital collaboration and data sharing.

Security intelligence and data protection

Discover more about CCPA and GDPR compliance, data protection, and privacy issues.

IBM research is transforming the world

IBM is at the forefront of research and pioneering, with more than 3,000 researchers in 12 labs across six continents.

What is a file transfer?

File transfer enables sharing, transferring, and transmitting files and data between users and computers locally and remotely.

Commercial International Bank

Read how Commercial International Bank modernized its digital security with IBM Security® solutions and consulting to create a security-rich environment for the organization.

Take the next step

IBM Security Guardium Insights offers a unified data security solution with both SaaS and on-premises capabilities to protect data where ever it lives. Improve you data security posture with centralized visibility, continuous data monitoring, and advanced compliance features with automated  workflows. Connect and protect data in 19+ cloud environments and detect data security vulnerabilities from a single location.

Explore Guardium Insights Book a live demo