Browse Definitions :
Definition

data in motion

What is data in motion?

Data in motion, also referred to as data in transit or data in flight, is a process in which digital information is transported between locations either within or between computer systems. The term can also be used to describe data within a computer's RAM that is ready to be read, accessed, updated or processed. Data in motion is one of the three different states of data; the others are data at rest and data in use.

The states that data can be in
This image shows the three states that data can be in.

Data in motion works with many different network types, including data transfers between these locations:

  • data that is moving from an internet-capable device to a web-facing service in the public or private cloud;
  • data that is moving between virtual machines within and between cloud services;
  • data that is traversing trusted private networks and untrusted networks such as the internet; and
  • data that is shared between applications and integrations.

Once the data arrives at its final destination, it becomes data at rest.  

The concept of data at motion is important data protection for businesses and for keeping up to date with regulatory guidelines such as PCI DSS or GDPR. Data in motion is also important to those working in big data analytics, as the processing of data can help an organization analyze and gain insight into trends as they occur.

Encrypting data in motion

Data sent from device to device could be intercepted, stolen or leaked if not secured when sent. Because data in motion is vulnerable to man-in-the-middle attacks, for example, it is often encrypted to prevent interception. In fact, data should always be encrypted when traversing any external or internal networks.

Data in motion can be encrypted using the following methods:

  • Asymmetric encryption. This method uses one public key and one private key to encrypt and decrypt a message. This is done to protect the message from unauthorized access or use. If the sender encrypts a message using their private key, the message can only be decrypted using that sender's public key, thus authenticating the sender. In addition, the encryption and decryption processes occur automatically. Many protocols rely on asymmetric cryptography, including Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, which make HyperText Transfer Protocol Secure (HTTPS) possible.
  • TLS and SSL. One of the best known uses of cryptography for data in motion is TLS and SSL. TLS provides a transport layer that acts as an encrypted tunnel between email servers or message transfer agents. SSL certificates, on the other hand, encrypt private communications over the internet using public and private keys. 
  • HTTPS. Typically, HTTPS is used to provide communication security over the internet, but it has also become a standard encryption approach for browser-to-web host and host-to-host communications in both cloud and non-cloud environments.
  • Cryptography. Cloud-based providers may also use multiple encryption methods, coupled with users encrypting their own data at rest within a cloud environment. For example, symmetric cryptography for key exchange and symmetric encryption for content confidentiality are sometimes used. This approach bolsters and enhances standard encryption levels and strengths of encryption.
  • IPSec. The Internet Small Computer System Interface transport layer protects data in motion using Internet Protocol Security (IPSec). IPSec can encrypt data as it is transferred between two devices to prevent hackers from seeing the contents of that data. IPSec is used extensively as a transit encryption protocol for virtual private network tunnels, as it uses cryptography algorithms such as Triple Data Encryption Standard (Triple DES)and Advanced Encryption Standard (AES). Encryption platforms can also integrate with existing enterprise resource planning systems to keep data in motion secure.

Learn more about how to secure email attachments with methods such as TLS.

This was last updated in November 2021

Continue Reading About data in motion

SearchCompliance
  • ISO 31000 Risk Management

    The ISO 31000 Risk Management framework is an international standard that provides businesses with guidelines and principles for ...

  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

SearchSecurity
  • Pretty Good Privacy (PGP)

    Pretty Good Privacy or PGP was a popular program used to encrypt and decrypt email over the internet, as well as authenticate ...

  • email security

    Email security is the process of ensuring the availability, integrity and authenticity of email communications by protecting ...

  • Blowfish

    Blowfish is a variable-length, symmetric, 64-bit block cipher.

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
  • direct access

    In computer storage, direct access is the process of reading and writing data on a storage device by going directly to where the ...

  • kibi, mebi, gibi, tebi, pebi and exbi

    Kibi, mebi, gibi, tebi, pebi and exbi are binary prefix multipliers that, in 1998, were approved as a standard by the ...

  • holographic storage (holostorage)

    Holographic storage is computer storage that uses laser beams to store computer-generated data in three dimensions.

Close