General Data Considerations – States of Data (Domain 3)

Data security isn’t just about what kind of data you’re protecting—it’s also about when and where that data is at any given time. In this episode, we explore the three states of data: at rest, in transit, and in use. Data at rest resides on storage media—like hard drives, databases, or backup tapes—and is commonly protected by full-disk or file-level encryption. Data in transit moves across networks and is often safeguarded by protocols like TLS or VPN tunnels, which ensure confidentiality and integrity in motion. Data in use, however, presents unique challenges, as it resides in system memory and is often unencrypted while being actively processed. We examine how hardware-based enclaves, application-layer controls, and runtime memory protections can mitigate in-use risks. Understanding data states helps defenders apply the right controls in the right places—because data isn’t static, and neither are the threats targeting it.
General Data Considerations – States of Data (Domain 3)
Broadcast by