Applied cryptography for data protection


Cryptography is a method used to conceal important data that becomes imperceptible to the naked eye by being hidden. This may be the simplest way to describe what cryptography is. 

But… What is data?

When we talk about data, we refer to numbers, names, surnames, facts, elements and information, among others, that physically identify a person or entity.



Personal Data Protection Law

In Panama, Law 81 of March 26, 2019 on the Protection of Personal Data, which establishes the principles, rights, obligations and procedures that regulate the protection of personal data. Data Protection considering the fundamental rights and freedoms of citizens by natural or legal persons, with public or private law, profitable or not, and that the handling does not contain these personal data.

Data containers?

When we talk about personal data containers we refer to any digital or physical media that contains information or data of value to users and that handle them according to the authorization, provision of the owners of these data, provided they have the consent for their manipulation and management, In the event that the user owner of the data has no knowledge of how their data is handled or manipulated. The entity that handles and holds this data must tell the user how the data will be handled to ensure that their personal information is safeguarded, as stipulated by law. 

Encrypt as much as possible.

It should be noted that it is important that the user gives value to their data, in this fair measure gives priority to ensure that the information contained in their digital devices requires taking security measures such as: strong passwords, double authentication and encryption of data, encryption of operating systems or files and key protection of devices such as routers in home environments or SMEs.

 In the case of companies that wish to safeguard their users’ information, they must comply with the provisions of the law, in addition to taking security measures within their infrastructure, where their valuable information is contained.

Types of protection

There are different types of protection, depending on the type of data and devices being managed, among which we can classify them as follows:

Data protection at rest:

  1. Protection through the encryption of information contained in devices such as PCs, cell phones, Tablets, Laptops, servers, among others, etc.
  2. Encrypting database with sensitive information (Full encryption, or field encryption).

Data protection in transit:

  1. Make use of TLS in all communications, both internal and external.
  2. Implement remote network access using secure communication channels using VPN.


Protection in authentication processes:

  1. Credential protection by means of secure credential and key containers.
  2. Passwords with security phrases and double authentication. 
  3. Make use of secure encryption algorithms.

What can I use to protect my data?

We present a set of Open Source and Commercial tools that will make your life easier.

Encryption tools for email

First of all, it is important to clarify that the tools alone do not do the magic, additional configurations are required and that both parties have certificates and share the public ones for the email encryption process to be effective and, in the case of the signature, that the signer has a previously generated private key. SMIME (Secure/Multipurpose Internet Mail Extensions) protocol is used for e-mail.

Browser encryption tools

Hard disk encryption tool

Tools for Cloud Storage encryption (Dropbox, Google Drive, etc.)

Password storage tools


Do you have any tips on applied cryptography for data protection  we missed? If so, feel free to let us know below in the comments.