Stages of Data

Within Information Security we talk about data states a lot which I would classify with three states:

1. Data at Rest
2. Data in Transit
3. Data in Use

Data at rest: Data that is considered inactive, and which is not accessed, updated, or processed will be referred as data at rest. Usually, data is stored in hard drive, cloud or back up media. One of the security controls used when data is at rest is Encryption. Example: self-encrypting hard drives, file-level encryption. 

Data in Transit a.k.a Data in motion: When data is actively moving from the point of origin to a destination across networks, including trusted, private network. One of the security controls used, is end to end encryption which ensures that only sender and recipient can read the data.  Security protocols used in this state are,

Web access: HTTPS
File transfer: FTPS, SFTP, SCP, WebDAV over HTTPS
Remote shell: SSH2 terminal
Remote desktop: radmin, RDP
Wireless connection: WPA2

Data in use: Active data stored in a nonpersistent state is known as data in use. When an authenticated user is accessing a database or an application, data is in a volatile state.

As many organizations design their architecture as per the requirements to safeguard the data from exterior sources, multiple controls are set in place to ensure security and prevent misuse of data, when data is being used such as: continuous data monitoring, key stroke logging, IDPS, Firewall NG, PKI (Public Key Infrastructure) where components require certification authority (CA), registration authority (RA), certificate repository, certificate revocation system with digital certificates are used on secure protocol S-HTTP.

It is important to understand data states to apply security controls to organization’s architecture.

Leave a Reply

Your email address will not be published. Required fields are marked *