Many companies are failing to properly encrypt their data because they are struggling with, among other things, determining which data to encrypt, performance overhead and key management. This article, the first in a three-part series, discusses the basics of encryption, when it should be used and challenges in implementing it. The second article will analyze the legal and regulatory framework surrounding encryption, including various federal and state laws. The third article will evaluate applicable policies and procedures, the role of legal and compliance personnel and the management of third parties. See also our three-part series on unlocking encryption: “Navigating Encryption Options and Persuading Reluctant Organizations” (Aug. 9, 2017); “A CISO’s Perspective on Encryption As Only One Strategy” (Aug. 23, 2017); and “An Attorney Weighs in on Balancing Security and Practicality” (Sep. 13, 2017).