Data in use

What is data in use?

Data in use includes all data that is accessed, processed, and modified regularly. Some examples of data in use include files shared between employees, weekly logs, and daily manufacturing data. This state of data is exposed to security risks at all times, due to the numerous threat vectors present when it is accessed or shared. The threat to this data state is not just from hackers or external entities, but also insiders with malicious or financial motives and employees who don't adhere to data security policies.

The three states of data

Data in use is one of the three types of data states, the other two being data at rest and data in transit. It is important to understand the flow of data in use, where and to whom it is exposed to apply the right security controls. Data at rest is data that lies dormant within organizations' repositories and data in transit is data that is being shared or transmitted within or outside of the organization.

Data in use vs. data at rest

Each state of data differs in terms of use, storage, transmission, vulnerability to attacks, and security controls that can be applied.

Point of difference Data in use Data at rest
Use Very actively accessed, or modified by users, leading to an increase in the number of users who have access to the data. Data stored passively in data stores, often archived or stored away with no current business needs. The access to this data can be restricted by securing offline backups with the highest level of authorization.
Transmission Data in use is shared frequently, multiple times by various users. Data in rest is seldom shared and is exposed to minimal threats from users or unsecure sharing methods.
Vulnerability to attacks Data in use is highly vulnerable as it is exposed to multiple threat vectors namely, unauthorized users, unsafe sharing methods, and data theft. High: For data stored in the cloud.
Low: For offline backups with appropriate physical security controls.
Security controls that may be employed Security measures for data in use include user authorization and authentication, stringent user permissions management, and securing file sharing methods. Well-protected offline backups to ensure availability of data in case a data theft occurs.

Threats to data in use

Some of the threats data in use can be exposed to include:

  • Insiders who try to exfiltrate data by misusing access privileges
  • Malware infiltration leading to data theft or to data held ransom by hackers
  • Loss of data due to inadvertent loss of portable storage devices
  • Loss of data caused by corrupt programs or device failure

How to secure data in use

You can protect data in use by safeguarding it where it is used the most, usually within the organization. Approach data security from 360-degree perspective to address as many security backdoors as possible.

  • Implement sound user authentication and authorization controls. Enforce multi-factor authentication to minimize the chances of user credentials being stolen by hackers.
  • Periodically review and resolve user permissions for permission inheritance issues, such as excess privileges to user roles that don't require them. Tools like a security permission analyzer can help identify effective user permissions.
  • Be notified of crucial file events for files classified as restricted, sensitive, or confidential by a data classification tool.
  • Look for sudden spikes in file modifications or deletions that can indicate a ransomware attack. Deploy a file integrity monitoring solution to track real-time file changes.
  • Keep your endpoints secure by monitoring outbound emails, USB activity, potential web uploads and more using data leak prevention software.

Implement data protection controls with DataSecurity Plus

ManageEngine DataSecurity Plus offers timely reporting and an effective alert-and-respond mechanism through a unified data visibility and security platform. With it, you can continually monitor endpoints and optimize file security to:

  • Identify and locate files containing sensitive data like payment card information and other personal details of customers.
  • Track crucial changes to files that contain sensitive data promptly to detect potential data theft.
  • Analyze files for permission inconsistencies and other file security issues to prevent misuse of access privileges.
  • Monitor endpoints for malicious insider activity occurring on USB or in outbound emails.
  • Detect and probe suspicious file copy actions made by users.
  • Regulate the use of USB drives by specifying user access levels.

Try all these features and more with a free, fully functional, 30-day trial.

Download now
Email Download Link