Browse Definitions :
Definition

data in use

Contributor(s): Laura Fitzgibbons

Data in use is data that is currently being updated, processed, erased, accessed or read by a system. This type of data is not being passively stored, but is instead actively moving through parts of an IT infrastructure. Data in use is one of three states of digital data -- the other two states are data in motion and data at rest.

Data states are used by information security professionals to identify endpoints where data should be encrypted. In addition to encryption, some important ways that data in use is protected include user authentication at all stages, strong identity management and well-maintained permissions for profiles within an organization.

Examples of data in use include data that is stored or processed in RAM, databases or CPUs. Requesting access to transaction history on a banking website or authorizing user login input are applications of data in use.

Security of data in use

Due to data in use being directly accessible by one or more users, data in this state is vulnerable to attacks and exploits. Additionally, security risks become greater as permissions and devices increase. Oftentimes, data in use could contain digital certificates, encryption keys and intellectual property which make it crucial for businesses to monitor. Common practices for protecting data in use include:

  • Tracking and reporting data access to detect suspicious activity and potential threats. For example, monitoring login attempts to platforms with sensitive information.
  • Strict access control and endpoint security management with authentication measures in place.
  • Full disk or memory encryption.
  • Well documented data loss prevention (DLP) and disaster recovery plans (DRP).
  • Non-disclosure agreements (NDA) for employees and stakeholders.
This was last updated in February 2019

Continue Reading About data in use

SearchCompliance

SearchSecurity

  • cyber attack

    A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to ...

  • backdoor (computing)

    A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.

  • post-quantum cryptography

    Post-quantum cryptography, also called quantum encryption, is the development of cryptographic systems for classical computers ...

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • cloud SLA (cloud service-level agreement)

    A cloud SLA (cloud service-level agreement) is an agreement between a cloud service provider and a customer that ensures a ...

  • NOR flash memory

    NOR flash memory is one of two types of non-volatile storage technologies.

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

Close