Data in transit
What is data in motion?
Data in transit, or data in motion, includes all data that is shared or transmitted within a network or outside it over the internet. A few examples include files shared with coworkers, data uploaded to cloud applications, and data sent to business associates. Data in transit is the most vulnerable state of data because it is exposed to serious security threats such as eavesdropping attacks, ransomware attacks, and data theft.
The three states of data
Data can be classified into three categories depending on the extent of use: data at rest, data in use, and data in transit. Data at rest comprises all files and information that are stored or archived. Data in use involves all data currently in use by employees, vendors, and other stakeholders. Of the three states, data in transit is the most vulnerable to data theft.
Data in transit vs. data at rest
The main differences between these two states of data can be explored through the nature of data, its vulnerability to attacks, applicable security controls, and the consequences of data loss.
| Point of difference | Data in transit | Data at rest |
|---|---|---|
| Nature of data | Data that is currently being transmitted within or outside the organization's periphery. | Data that is usually stored or backed up in the organization's offline or cloud storage. Data at rest is not actively accessed or used by stakeholders. |
| Vulnerability to attacks | Very high: The number of incidents and variants of ransomware and other attacks on networks has significantly increased, leading to frequent and damaging data breaches. | Relatively low: Offline backups secured with sufficient physical controls are relatively less vulnerable to attacks. However, cloud backups are more exposed to cyberthreats. |
| Applicable security controls | Data encryption, securing file transfer channels, and monitoring user activity like file copy events using a data leak prevention (DLP) solution. | Multiple secure offline and cloud backups |
| Consequences of data loss | Data can be stolen by hackers to be sold on the dark web. Data breaches lead to huge non-compliance penalties and loss of trust. Hackers may demand huge ransoms for data that might not even be returned to the organizations after payment. | Data can be stolen by hackers to be sold on the dark web. Data breaches lead to huge non-compliance penalties and loss of trust. Hackers may demand huge ransoms for data that might not even be returned to the organizations after payment. |
Threats to data in transit
While being transferred via various applications and networks, data in motion is exposed to the following risks:
- Insecure transfer of data by individuals to unauthorized USB devices and unsafe websites, and failure by individuals to follow privacy protocols.
- Eavesdropping attacks that intercept data packets sent through the internet.
- Data loss resulting from stolen USB devices and other data storage media.
- Exposure of data transferred within organizations caused by excess user rights.
- Excessive information shared with vendors, partners, and other external stakeholders.
How to protect data in transit
Data in motion needs to be secured at different points of the transit medium it goes through. Start off by safeguarding data at the endpoints with a DLP solution. This will ensure that unauthorized file transfers and file copy events are tracked and responded to promptly. Most solutions also come with a built-in USB access control tool to track and manage USB device use.
Second, use a cloud access security broker to monitor data passing through the cloud. A cloud protection tool will address your network protection needs in addition to monitoring user activity over the cloud. Review network communications security and upgrade to the latest security protocol version. Adopt data encryption to protect data leaving the periphery of the organization.
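The endpoint step above (tracking file copy events and transfers to USB devices and websites) can be sketched as a small policy check. This is an added example, not code from any DLP product: the event format, field names, device serials and domains are all constructed for illustration.

```python
import csv
import io

# Constructed policy values (assumptions, not from the page or any product).
APPROVED_USB_SERIALS = {"SER-APPROVED-001"}
APPROVED_UPLOAD_DOMAINS = {"partner.example"}

# Constructed sample events: time, user, action, file, destination type, destination id
SAMPLE_EVENTS = """\
2024-05-02T09:14:03Z,alice,copy,finance/q1.xlsx,usb,SER-APPROVED-001
2024-05-02T09:20:47Z,bob,copy,hr/payroll.csv,usb,SER-UNKNOWN-777
2024-05-02T10:02:11Z,carol,upload,legal/nda.docx,web,files.partner.example
2024-05-02T10:05:39Z,bob,upload,hr/payroll.csv,web,paste.unvetted.example
2024-05-02T10:09:52Z,dave,upload,sales/leads.csv,web,notpartner.example
2024-05-02T11:30:00Z,alice,copy,finance/q1.xlsx,share,fs01-finance
"""


def domain_allowed(host, allowed):
    """Match the exact domain or a true subdomain, never a bare suffix."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)


def find_violations(raw_events):
    """Return one finding per event that sends a file to an unapproved destination."""
    findings = []
    for row in csv.reader(io.StringIO(raw_events)):
        if not row:
            continue  # blank line
        if len(row) != 6:
            # Surface unparseable records instead of silently dropping them.
            findings.append({"reason": "malformed record", "raw": row})
            continue
        ts, user, action, path, dest_type, dest_id = (f.strip() for f in row)
        if dest_type == "usb" and dest_id not in APPROVED_USB_SERIALS:
            reason = "copy to unapproved USB device"
        elif dest_type == "web" and not domain_allowed(dest_id, APPROVED_UPLOAD_DOMAINS):
            reason = "upload to unapproved website"
        else:
            continue
        findings.append({"time": ts, "user": user, "file": path,
                         "dest": dest_id, "reason": reason})
    return findings


if __name__ == "__main__":
    for finding in find_violations(SAMPLE_EVENTS):
        print(finding)
```

The lookalike host `notpartner.example` is flagged because the domain check requires an exact match or a dot-separated subdomain, not a plain string suffix.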