How to Protect All 3 States of Data: In Use, in Transit, and at Rest
26 Oct 2021 | Michael WaksmanAre you sure your data is being protected at all times?
It can be hard to keep track of all your data. Company information often passes through multiple different states as it’s being used, with each one bringing along its own kind of vulnerabilities. In order to keep your data protected at all times, it’s therefore essential to be aware of the 3 states of digital data. In this blog, we aim to clear up any confusion surrounding the different states of data by discussing each type and its inherent vulnerabilities. We will then provide recommendations on the best ways of protecting data in all 3 states.Data in Use
What is data in use?
Data is in use when it’s being accessed by a person or program. For companies, data is most likely to be in an active state when it’s being viewed or modified by an employee, or being processed by automated or manual means.
When is data most vulnerable?
Data in use is generally unencrypted and easily accessible for individuals to view or modify. Once a file is decrypted and opened, it becomes defenseless against targeted attacks. These factors mean that data is generally at its most vulnerable when being used.
How can data in use be protected?
One way of protecting active data is to use identity management tools to spot anomalies in user behavior and ensure that nobody is committing identify theft in order to access company information. Most identity management tools offer protection through features like single sign-on, two-factor authentication, and access management.
BestCrypt Data Shelter, a new cybersecurity tool from Jetico, offers another way of securing data in use. Create protection policies for selected folders with BestCrypt Data Shelter and stop unwanted processes from accessing your active data.
Data in Transit
What is data in transit?
As you may have guessed from the name, data in transit is data that is actively moving from one location to another. Data moves across the internet and in email services, through communication platforms like Slack and on instant messaging applications – all of these are classified as data in transit.
When is data in transit vulnerable?
Seeing as data in transit can travel across the internet and around company networks, it’s inherently more vulnerable than data at rest and more likely to be exposed to third parties. When sending data by email or using services like Dropbox or Microsoft Teams, precautions should also be taken to ensure data in transit is not compromised.
How can data in transit be protected?
One of the first steps that companies should take to protect data in transit is to invest in email encryption. End-to-end email encryption is a secure option that ensures messages are only decrypted on recipients’ devices.
For further protection, Data Leak Prevention (DLP) software can be used to prevent employees from sending or uploading sensitive data outside their organization. If you’re looking for a more secure way of sending files online, Managed File Transfer (MFT) software allows data to be downloaded by recipients via HTTPS.
Data at Rest
What is data at rest?
Data at rest is data stored in a specific place that isn’t actively moving to other devices or networks. Files on your hard drive, photos on your smart phone, and backups that are kept on a USB stick are all examples of data at rest.
When is data at rest vulnerable?
Data at rest is vulnerable when devices are lost or stolen and confidential data has been left in an unencrypted state. Data stored in the cloud or on shared workstations also risks being seen by prying eyes if it's not protected.
How can data at rest be protected?
When it comes to protecting data at rest, the best place to start is encryption. There are 2 main types of encryption software that you should know about: Hard drive and file encryption.
For hard drive encryption, BestCrypt Volume Encryption is a solution that ensures data cannot be accessed by third parties in the event that fixed or removable devices are lost.
For encrypting individual files and folders, BestCrypt Container Encryption is a solution that protects data from virtual threats, such as hackers. The software allows you to create hidden and encrypted containers that can store as many files and folders as you like.
To increase your overall cybersecurity, we also recommend that you don’t rely on tools from a single company to keep you safe. By layering your security with specialist tools instead, you reduce the impact to your data when a cyberattack hits one of your software vendors.
Now with BestCrypt Volume Encryption 5 - Protect Data in Use
BestCrypt Volume Encryption 5 is out now! Jetico’s software for encrypting hard drives now offers extra protection against brute-force attacks, which are one of the easiest ways for hackers to breach your system and access data at rest.
The new version of BestCrypt Volume Encryption also includes a new cybersecurity tool, BestCrypt Data Shelter. The utility has been designed to protect files and folders even when they’re in use, therefore providing extra security against cyberattacks.
BestCrypt Data Shelter allows users to create protection policies for selected folders. Once policies are in place, the software will stop untrustworthy and malicious processes from accessing the contents of protected folders. In addition, BestCrypt Data Shelter offers protection from malware or ransomware that may try to access sensitive files by exploiting regular processes.
BestCrypt Data Shelter is also available independently as freeware.
Get started with your free trial of BestCrypt Volume Encryption today!
Michael Waksman has been serving as CEO of Jetico since 2011, more than doubling the size of the company during his tenure. He brings more than 20 years of communications, technology and leadership experience.
At Jetico, Waksman has lead creation of the corporate identity, raising global brand awareness, building a more commercially-driven team and initiating enterprise customer relations. Jetico has maintained a wide user base throughout the U.S. Defense community, in the global compliance market and for personal privacy.
Waksman served as vice-chairman of the Cyber Group for the Association of Finnish Defense and Aerospace Industries. Recognized as a security and privacy advocate, he is a frequent speaker at international events, occasionally on behalf of the Finnish cyber security industry. In 2012, Waksman was honored with The Security Network's Chairman's Award for fostering collaboration between the United States and Finland. As dual citizen, he is a native New Yorker and has been living in the Helsinki region for over 15 years.