In technical terms, it is the process of converting plaintext to ciphertext.
In simpler terms, encryption takes readable data and alters it so that it appears random.
Encryption requires the use of an encryption key: a set of mathematical values that both the sender and the recipient of an encrypted message know.
Plain text - How are you ?
Encrypted text - dZkXd6kDPp5kt
Although encrypted data appears random, encryption proceeds in a logical, predictable way, so that a party receiving the encrypted data and in possession of the key used to encrypt the data can decrypt the data, turning it back into plaintext.
Truly secure encryption will be complex enough that a third party is highly unlikely to decrypt the ciphertext by just guessing the plaintext.
What is a key in encryption ?
A key is a string of characters used within an encryption algorithm for altering data so that it appears random.
Just like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.
What is an encryption algorithm ?
An encryption algorithm is the mathematical formula used to transform data into ciphertext.
An algorithm will use the key in order to alter the data in a predictable way, so that even though the encrypted data will appear random, it can be turned back into plaintext by using the key again.
Why is data encryption necessary ?
Encryption ensures that no one can read communications or data at rest except the intended recipient or proper data owner. This prevents cyber criminals, ad networks, Internet service providers, and in some cases governments from intercepting and reading sensitive data.
Encryption helps data breaches, whether the data is in transit or at rest. If a corporate device is lost or stolen and its hard drive is properly encrypted, the data on that device will likely still be secure. Similarly, encrypted communications enable the communicating parties to exchange sensitive data without leaking the data. Encryption also helps prevent malicious behavior such as man-in-the-middle attacks.
For all these reasons, many industry and government regulations require companies that handle user data to keep that data encrypted. Examples of regulatory and compliance standards that require encryption include HIPAA, PCI-DSS, and the GDPR.