LOGBOOK

HELP

1 / 20
Other keys: showSpace: good1-4: rate0: skip5: flag6: invert

Question

Data can be in three different "states" — what are they, and why does each one need its own protection?

Answer

Data in transit (moving over a network), data in use (being processed in memory/CPU), and data at rest (stored on disk) — each is attacked differently, so each needs its own controls.

State Where it lives Typical protection
In transit flowing between two systems TLS / VPN — encrypt the channel
In use loaded in RAM / CPU registers hardest to protect; confidential computing, memory encryption
At rest files, databases, backups disk/database encryption, access control

Why it matters: people instinctively protect data at rest (the locked laptop) but forget transit (open Wi-Fi) and use (a process reading plaintext in memory). A complete security design has to cover all three. In use is the trickiest because the data must be decrypted to be computed on.

Tip: Remember the trio Transit – Use – Rest. Encryption mostly solves transit and rest; "in use" is still an open research area.

or press any other key