Browse Definitions :
Definition

data in motion

What is data in motion?

Data in motion, also referred to as data in transit or data in flight, is a process in which digital information is transported between locations either within or between computer systems. The term can also be used to describe data within a computer's RAM that is ready to be read, accessed, updated or processed. Data in motion is one of the three different states of data; the others are data at rest and data in use.

The states that data can be in
This image shows the three states that data can be in.

Data in motion works with many different network types, including data transfers between these locations:

  • data that is moving from an internet-capable device to a web-facing service in the public or private cloud;
  • data that is moving between virtual machines within and between cloud services;
  • data that is traversing trusted private networks and untrusted networks such as the internet; and
  • data that is shared between applications and integrations.

Once the data arrives at its final destination, it becomes data at rest.  

The concept of data at motion is important data protection for businesses and for keeping up to date with regulatory guidelines such as PCI DSS or GDPR. Data in motion is also important to those working in big data analytics, as the processing of data can help an organization analyze and gain insight into trends as they occur.

Encrypting data in motion

Data sent from device to device could be intercepted, stolen or leaked if not secured when sent. Because data in motion is vulnerable to man-in-the-middle attacks, for example, it is often encrypted to prevent interception. In fact, data should always be encrypted when traversing any external or internal networks.

Data in motion can be encrypted using the following methods:

  • Asymmetric encryption. This method uses one public key and one private key to encrypt and decrypt a message. This is done to protect the message from unauthorized access or use. If the sender encrypts a message using their private key, the message can only be decrypted using that sender's public key, thus authenticating the sender. In addition, the encryption and decryption processes occur automatically. Many protocols rely on asymmetric cryptography, including Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, which make HyperText Transfer Protocol Secure (HTTPS) possible.
  • TLS and SSL. One of the best known uses of cryptography for data in motion is TLS and SSL. TLS provides a transport layer that acts as an encrypted tunnel between email servers or message transfer agents. SSL certificates, on the other hand, encrypt private communications over the internet using public and private keys. 
  • HTTPS. Typically, HTTPS is used to provide communication security over the internet, but it has also become a standard encryption approach for browser-to-web host and host-to-host communications in both cloud and non-cloud environments.
  • Cryptography. Cloud-based providers may also use multiple encryption methods, coupled with users encrypting their own data at rest within a cloud environment. For example, symmetric cryptography for key exchange and symmetric encryption for content confidentiality are sometimes used. This approach bolsters and enhances standard encryption levels and strengths of encryption.
  • IPSec. The Internet Small Computer System Interface transport layer protects data in motion using Internet Protocol Security (IPSec). IPSec can encrypt data as it is transferred between two devices to prevent hackers from seeing the contents of that data. IPSec is used extensively as a transit encryption protocol for virtual private network tunnels, as it uses cryptography algorithms such as Triple Data Encryption Standard (Triple DES)and Advanced Encryption Standard (AES). Encryption platforms can also integrate with existing enterprise resource planning systems to keep data in motion secure.

Learn more about how to secure email attachments with methods such as TLS.

This was last updated in November 2021

Continue Reading About data in motion

SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • data breach

    A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an...

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

  • data compliance

    Data compliance is a process that identifies the applicable governance for data protection, security, storage and other ...

SearchCIO
  • data privacy (information privacy)

    Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, ...

  • leadership skills

    Leadership skills are the strengths and abilities individuals demonstrate that help to oversee processes, guide initiatives and ...

  • data governance policy

    A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are ...

SearchHRSoftware
SearchCustomerExperience
  • recommerce

    Recommerce is the selling of previously owned items through online marketplaces to buyers who reuse, recycle or resell them.

  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

Close