Quiz Entry - updated: 2026.07.14
Data can be in three different "states" — what are they, and why does each one need its own protection?
Data in transit (moving over a network), data in use (being processed in memory/CPU), and data at rest (stored on disk) — each is attacked differently, so each needs its own controls.
| State | Where it lives | Typical protection |
|---|---|---|
| In transit | flowing between two systems | TLS / VPN — encrypt the channel |
| In use | loaded in RAM / CPU registers | hardest to protect; confidential computing, memory encryption |
| At rest | files, databases, backups | disk/database encryption, access control |
Why it matters: people instinctively protect data at rest (the locked laptop) but forget transit (open Wi-Fi) and use (a process reading plaintext in memory). A complete security design has to cover all three. In use is the trickiest because the data must be decrypted to be computed on.
Tip: Remember the trio Transit – Use – Rest. Encryption mostly solves transit and rest; "in use" is still an open research area.