If you're seeing this message, it means we're having trouble loading external resources on our website.

If you're behind a web filter, please make sure that the domains *.kastatic.org and *.kasandbox.org are unblocked.

Main content

Why care about data security?

IOC‑2.A (LO)
IOC‑2.A.5 (EK)
IOC‑2.A.8 (EK)
IOC‑2.A.9 (EK)
The ticking number above is an estimate of the amount of data that's flowed through the Internet since you started reading this article.
The monthly volume of Internet traffic is on the order of billions of gigabytes. To put this number into perspective, every word ever spoken can fit into five billion gigabytes!
What types of data flow through the Internet? One type is numerical such as a city’s temperature. Another type is categorical such as a movie genre. An extremely useful type of data is personally identifiable information (PII). PII refers to any data that can help identify you, such as your address or name.
Organizations use PII to improve users' online experiences.
For example, an e-commerce website like Amazon stores PII (my shopping history) so that it can make better item recommendations. As you can see below, Amazon learned from my prior purchases that I love tea and pens and decided to recommend more kinds of teas and pens.
Screenshot of Amazon recommendations section, includes photos of a box of Hibiscus tea box and a box of Uni-ball pens.
Let's look at another example: Google Discover, a personalized dashboard for mobile phones. It's an application that helps plan my daily commute and surprisingly, it even knows where I parked my family’s car!
Screenshot from Google Discover. Includes a map with a marker near a road and the text "You parked here - updated 12min ago - based on your location history"
Because parking locations and other forms of PII can be very sensitive, we want companies to keep our PII private and prevent it from falling into the wrong hands.
So then, how do companies keep PII private if it flows through a public, open Internet? How do attackers steal PII and how do companies defend against it?
We'll answer these questions in this unit about online data security.
First, we’ll cover PII in more detail and see the different ways it's collected. Then, we’ll see the different ways attackers steal PII via phishing, rogue access points, or computer malware.
We’ll then show how cryptography can help keep PII private with encryption and also prevent PII from falling into the wrong hands with authentication. We’ll see how encryption sends “locked” PII over the public Internet and unlocks it only if someone presents the correct key. We’ll also see how authentication verifies someone’s identity before sending over PII.
Finally, we’ll see how the Internet incorporates these cryptographic techniques into the TLS and HTTPS protocols.
Let’s begin!

Want to join the conversation?