Data is in more places than ever before and cyber criminals tend to lurk in dark places, not often making their interests obvious or their presence visible. Whether from insider threats or outsider attacks, a layered data security solution is critical since many traditional perimeter-based data protection mechanisms have been proven to fail when employed alone.
Data in Transit and Data at Rest are both described within security best practices which suggest encrypting such files, but what about their mutual and often overlooked counterpart: Data in Use?
Data in Use is essentially any data in computer memory or any similar form of active data while it works through an IT infrastructure. It is any data in the process of being generated, in the midst of an updating or amending process, being viewed through various endpoints or even being deleted or erased. It is not explicitly static nor travelling, but measurable and real. Because of its tangible yet transient nature, Data in Use has recently been recognized as an increasing security concern for businesses and their information assets.
In today’s business landscape, more and more employees are telecommuting or working from home. The initial or most basic data security steps include: identifying which data is sensitive and requires privacy, setting up user access rights for whomever will access secure data, considering where such data will be accessed, and setting out corporate policies and procedures for controlling secure access.
Security ought to be applied throughout all three data states, but securing Data In Use presents unique technical and logical challenges while begging the question: “Can data ever be secure while end users have access to it?”
Data in Use encounters different vulnerabilities depending on where it is exposed in a given IT Infrastructure or environment and most commonly, end-points are among the biggest exposure threats. Since the prevalence of recent “Bring your own device” trends where an employee will use a personal device to access protected data, companies need to be cognisant of how end users are viewing or working with secure or sensitive data from public or otherwise insecure locations.
As far as successful techniques go, data encryption has been proven as a reliable and effective tool for protecting sensitive data. Just like with perimeter-based protection, however, using strong encryption alone is no silver bullet and cannot be expected to stop cyber-criminals or safeguard your information assets. The strongest and most secure encryption tools and standards are publicly scrutinized … but they are therefore also publicly available to any hackers who would want to search for and / or find a hole they can exploit.
Encryption in and of itself is really just a means of synergising and enhancing other security practices, and the debate about just how reliably Data in Use can be secured is ongoing. Developing, maintaining and enforcing policies and procedures for end users while using strong encryption techniques throughout the full data lifecycle and using a layered security approach is the only way to truly elevate data security and protect your information.
Learn how DataStealth can add a layer to your security topography, obfuscate your data using the strongest of encryption strategies and render your information assets computationally infeasible for criminals to steal.
Download the 'DataStealth for Analytics' use case.
Watch the video, learn more. DataStealth in 60 seconds.