1 / 20
Other keys: show •
Space: good •
1-4: rate •
0: skip •
5: flag •
6: invert
Question
Data can be in three different "states" — what are they, and why does each one need its own protection?
Answer
Data in transit (moving over a network), data in use (being processed in memory/CPU), and data at rest (stored on disk) — each is attacked differently, so each needs its own controls.
| State | Where it lives | Typical protection |
|---|---|---|
| In transit | flowing between two systems | TLS / VPN — encrypt the channel |
| In use | loaded in RAM / CPU registers | hardest to protect; confidential computing, memory encryption |
| At rest | files, databases, backups | disk/database encryption, access control |
Why it matters: people instinctively protect data at rest (the locked laptop) but forget transit (open Wi-Fi) and use (a process reading plaintext in memory). A complete security design has to cover all three. In use is the trickiest because the data must be decrypted to be computed on.
Tip: Remember the trio Transit – Use – Rest. Encryption mostly solves transit and rest; "in use" is still an open research area.
or press any other key
Note saved — thanks!