A data state describes the condition data is in while it is being handled in a computing environment. The term is used mainly in information security.
In this post, you will learn the various states data can be in. As an added bonus, you will also learn the ways this data can be protected in each individual state.
There are three states of data, which are as follows:
- Data at Rest
- Data in Transit
- Data in Use
Let us now look at each state in detail.
DATA AT REST
This type of data is stored for later use. Such data is logically stored in a database system or physically stored on a data storage device such as a hard drive, backup tapes, offsite cloud backup, or even mobile devices.
The idea of data at rest is that the data is inactive.
Threats to Data at Rest
Data at rest is the proverbial pot of gold. Most organizations maintain detailed databases of sensitive information. A bank, for example, would keep a database that contains:
- Customer names
- Account numbers
- Account balances
- Transaction details
- Card details, etc.
It should, however, be noted that there are many channels of attack. Attacks can be launched against the operating system, the database server application, the client interface, and so on. Any attack that gives an attacker system-level access is a risk to data at rest.
It should also be noted that computer viruses, worms, and Trojans are a major threat to data at rest. A worm can leave a system vulnerable by covertly installing a backdoor that lets a malicious person enter the system at will.
Confidentiality, integrity and availability would all be compromised.
Protecting Data at Rest
The primary protection is perimeter-based defences: firewalls to protect against a network breach, and anti-virus programs to protect against an operating system breach.
However, these barriers are not secure enough on their own. Additional layers of defence are still required to protect sensitive data from intruders in the event that the network is compromised.
Encrypting the data storage is one of the best ways to ensure the security of data at rest.
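As an added example (not code from the original post), the following Go program shows what storage encryption for data at rest looks like when done with an authenticated cipher: AES-256-GCM seals a constructed bank record, binds it to its storage location through additional authenticated data, and refuses to decrypt a blob in which a single byte was changed. The record contents, the `table=accounts;row=42` context string and the function names are assumptions made for this example; key generation is shown inline only so the program runs on its own, since a real deployment keeps keys in a KMS or HSM rather than beside the data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// sampleRecord is a constructed example of the kind of sensitive row a bank
// database holds (name, account number, balance). The values are made up.
const sampleRecord = `{"customer":"A. Example","account":"00012345","balance":"1500.00"}`

// storageContext is used as additional authenticated data, so a blob copied
// from one row or table to another is rejected on decryption (assumed label).
const storageContext = "table=accounts;row=42"

// newDataKey returns a fresh random 256-bit AES key. In a real deployment the
// key lives in a KMS or HSM, never on the same disk as the data it protects.
func newDataKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealRecord encrypts plaintext with AES-256-GCM and prepends the random
// 96-bit nonce, so the stored blob carries everything needed to open it except
// the key. GCM also computes an authentication tag over the ciphertext and the
// associated data, which is what gives integrity and not only secrecy.
func sealRecord(key, plaintext []byte, associated string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(associated)), nil
}

// openRecord reverses sealRecord. It fails if the key is wrong, the associated
// data differs, or any byte of the blob has been altered.
func openRecord(key, blob []byte, associated string) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short to contain a nonce")
	}
	nonce, ciphertext := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ciphertext, []byte(associated))
}

// tamperDetected seals the sample record, flips one byte of the stored blob
// (simulating a modification made without knowledge of the key) and reports
// whether decryption refuses the modified blob.
func tamperDetected(key []byte) (bool, error) {
	blob, err := sealRecord(key, []byte(sampleRecord), storageContext)
	if err != nil {
		return false, err
	}
	blob[len(blob)/2] ^= 0x01
	_, err = openRecord(key, blob, storageContext)
	return err != nil, nil
}

func main() {
	key, err := newDataKey()
	if err != nil {
		panic(err)
	}
	blob, _ := sealRecord(key, []byte(sampleRecord), storageContext)
	plain, _ := openRecord(key, blob, storageContext)
	fmt.Printf("stored %d bytes, recovered: %s\n", len(blob), plain)
	ok, _ := tamperDetected(key)
	fmt.Println("modified blob rejected:", ok)
}
```

Authenticated encryption matters here because the threats listed above include manipulation, not only theft: an unauthenticated mode would decrypt a modified blob into garbage without complaint, whereas the GCM tag check turns tampering into a hard error that can be logged and alerted on.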
DATA IN TRANSIT
This is also called data in motion. Data in transit falls into two categories:
- Data that flows over a public network (e.g. the Internet)
- Data that flows within a controlled or private network, such as a corporate or enterprise Local Area Network (LAN)
Threats to Data in Transit
Data in transit is the most vulnerable state, particularly data moving across a public network. Protecting it is therefore very important.
Data travelling through public networks can easily be intercepted by a malicious entity. This is called a man-in-the-middle (MITM) attack.
Such interception, as said earlier, can be used to harvest the data or manipulate it for malicious intent.
An example is an online banking transfer that ends up going to the wrong beneficiary because the transaction was done over an unknown free Wi-Fi network.
Confidentiality and integrity of data will be compromised.
Protecting Data in Transit
Confidentiality and integrity of data are very important in this state, and so it is very important to encrypt data in transit. For example, a session between a web server and a client is often encrypted with a secure protocol known as HTTPS.
DATA IN USE
This is data that is currently being processed by one or more applications. The data may be in the process of being generated, updated, modified or deleted. It also includes data being viewed by users who access it through various endpoints.
Threats to Data in Use
Data in use is more vulnerable than data at rest because, by definition, it must be accessible to those who need it.
Data in use is susceptible to different kinds of threats depending on where it is in the system and who is able to use it. The most vulnerable point for data in use is at the endpoints where users are able to access and interact with it. Thus, the more people that have access to the data, the greater the risk that it will end up in the wrong hands at some point.
Confidentiality and integrity of data will be compromised.
Protecting Data in Use
Protecting data in use is challenging because there are many ways the data can be accessed and manipulated. One set of data can have multiple users working with it from multiple endpoints. The large number of in-house systems, applications, mobile devices and users accessing data on servers means this data should be protected through strong user authentication and profile management. This helps ensure that only individuals with the proper permissions are able to access and manipulate the data.
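The paragraph above calls for strong authentication and permission management; as an added example (not from the original post), here is a deny-by-default authorization check in Go for records that are in use. The roles, the `customer`/`teller`/`admin` permission matrix, the MFA step-up for sensitive records, the constructed account records and all function names are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
)

// Action is something a user tries to do with a record that is in use.
type Action string

const (
	Read   Action = "read"
	Update Action = "update"
	Delete Action = "delete"
)

// Record is one piece of data in use. Owner and Sensitive are the attributes
// the access decision needs. Values used below are constructed.
type Record struct {
	ID        string
	Owner     string // customer the record belongs to
	Sensitive bool   // card details, for instance
}

// Session is an already-authenticated user. Authentication is assumed to have
// happened upstream; MFA records whether it was strong enough for sensitive data.
type Session struct {
	User  string
	Roles []string
	MFA   bool
}

// rolePermissions is the least-privilege matrix (assumed for the example).
// Anything not listed here is denied.
var rolePermissions = map[string]map[Action]bool{
	"customer": {Read: true, Update: true},
	"teller":   {Read: true},
	"admin":    {Read: true, Update: true, Delete: true},
}

// ErrDenied wraps every refusal so callers can test for it with errors.Is.
var ErrDenied = errors.New("access denied")

// authorize decides whether s may perform a on rec. Order of checks:
// 1. the session must belong to an identified user;
// 2. sensitive records require a session that passed MFA;
// 3. some role held by the user must grant the action, and the customer role
//    only counts for records the customer owns.
func authorize(s Session, rec Record, a Action) error {
	if s.User == "" {
		return fmt.Errorf("%w: unauthenticated session", ErrDenied)
	}
	if rec.Sensitive && !s.MFA {
		return fmt.Errorf("%w: %s is sensitive and the session lacks MFA", ErrDenied, rec.ID)
	}
	for _, role := range s.Roles {
		if !rolePermissions[role][a] {
			continue
		}
		if role == "customer" && rec.Owner != s.User {
			continue
		}
		return nil
	}
	return fmt.Errorf("%w: %s may not %s %s", ErrDenied, s.User, a, rec.ID)
}

// auditEntry renders one decision the way a log pipeline would want it:
// every allow and every deny, with who, what and why.
func auditEntry(s Session, rec Record, a Action, err error) string {
	if err != nil {
		return fmt.Sprintf("DENY user=%s action=%s record=%s reason=%q", s.User, a, rec.ID, err)
	}
	return fmt.Sprintf("ALLOW user=%s action=%s record=%s", s.User, a, rec.ID)
}

func main() {
	balance := Record{ID: "acct-00012345/balance", Owner: "alice"}
	card := Record{ID: "acct-00012345/card", Owner: "alice", Sensitive: true}
	alice := Session{User: "alice", Roles: []string{"customer"}, MFA: false}
	bob := Session{User: "bob", Roles: []string{"customer"}, MFA: true}
	teller := Session{User: "teller7", Roles: []string{"teller"}, MFA: true}

	cases := []struct {
		s   Session
		rec Record
		a   Action
	}{
		{alice, balance, Read},    // allowed: own record
		{alice, card, Read},       // denied: sensitive record, no MFA
		{bob, balance, Read},      // denied: not the owner
		{teller, balance, Read},   // allowed: tellers may read
		{teller, balance, Update}, // denied: tellers have no update right
	}
	for _, c := range cases {
		fmt.Println(auditEntry(c.s, c.rec, c.a, authorize(c.s, c.rec, c.a)))
	}
}
```

Every decision, allowed or denied, is rendered as an audit line because for data in use the detection question (who touched which record, from which session) matters as much as the prevention question.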
Overall Conclusion
A comprehensive risk assessment should be carried out to ascertain the threat of a data breach. Organizations often underestimate their risk because they erroneously believe that all of their sensitive data is contained within a few secure systems, which in reality is not always true. Information (data) often ends up spread across multiple devices and networks with varying levels of security and risk. The following questions therefore need to be answered:
- What types of sensitive data does your organization store, use, or transmit?
- Who has access to this data?
- Where, when, and why are they using it?
- How is data stored when not in use?
- How is access to databases controlled?
- What mechanisms are used to transport data?
- Are there in-house or regulatory standards and policies in place for guidance?
Once these are fully and honestly answered, it becomes easier to implement corrective actions to mitigate all the known threats.
Thanks for reading this post. I hope it was educative