Many fund managers are failing to properly encrypt their data due to various challenges, including determining which data to encrypt, performance overhead and key management. This article, the first in a three-part series, discusses the basics of encryption, when it should be used and challenges with implementing it. The second article
will analyze the legal and regulatory framework surrounding encryption, including various federal and state laws. The third article
will evaluate what policies and procedures a manager should enact; the role of legal and compliance personnel; and the management of third parties with respect to data security. For more on cybersecurity, see “How Hackers Can Infiltrate Fund Managers Through Executives, and How to Stop Them
” (Apr. 18, 2019).