Data in Rest
Data that is stored for later use. This generally refers to data in a database or file that functions as system, application, user or backup data. Such data is physically stored on a data storage device such as a hard drive that may be located locally or on remote infrastructure such as a cloud service. It is common to encrypt all data in rest. For example, an entire hard drive may be encrypted and data may be encrypted at the file, database or data item level.Data in Use
Data that has been pulled into memory or that is currently being processed. For example, user profile data that is stored in the memory of a phone to provide an API to apps. Data in use is the most difficult type of data to encrypt because this is the most likely to impact performance. Such data may be accessed many times as the user is waiting for a response from an application. In the past, data in use was often not encrypted. Some modern hardware supports encrypting data stored in memory or data being processed by a CPU.Data in Transit
Data that is being sent over a network or a local transfer between devices. Data in transit may traverse public networks where it can easily be acquired by a malicious entity. As such, it is very common to encrypt data in transit. For example, a session between a web server and a user device is often encrypted with a protocol known as HTTPs.Overview: Data States | ||
Type | ||
Definition | Modes whereby data is used by computing equipment known as data in rest, data in use and data in transit. | |
Related Concepts |