data in use
Data in use is data that is currently being updated, processed, erased, accessed or read by a system. This type of data is not being passively stored, but is instead actively moving through parts of an IT infrastructure. Data in use is one of three states of digital data -- the other two states are data in motion and data at rest.
Data states are used by information security professionals to identify endpoints where data should be encrypted. In addition to encryption, some important ways that data in use is protected include user authentication at all stages, strong identity management and well-maintained permissions for profiles within an organization.
Examples of data in use include data that is stored or processed in RAM, databases or CPUs. Requesting access to transaction history on a banking website or authorizing user login input are applications of data in use.
Security of data in use
Due to data in use being directly accessible by one or more users, data in this state is vulnerable to attacks and exploits. Additionally, security risks become greater as permissions and devices increase. Oftentimes, data in use could contain digital certificates, encryption keys and intellectual property which make it crucial for businesses to monitor. Common practices for protecting data in use include:
- Tracking and reporting data access to detect suspicious activity and potential threats. For example, monitoring login attempts to platforms with sensitive information.
- Strict access control and endpoint security management with authentication measures in place.
- Full disk or memory encryption.
- Well documented data loss prevention (DLP) and disaster recovery plans (DRP).
- Non-disclosure agreements (NDA) for employees and stakeholders.