Browse Definitions :
Definition

data in use

Contributor(s): Laura Fitzgibbons

Data in use is data that is currently being updated, processed, erased, accessed or read by a system. This type of data is not being passively stored, but is instead actively moving through parts of an IT infrastructure. Data in use is one of three states of digital data -- the other two states are data in motion and data at rest.

Data states are used by information security professionals to identify endpoints where data should be encrypted. In addition to encryption, some important ways that data in use is protected include user authentication at all stages, strong identity management and well-maintained permissions for profiles within an organization.

Examples of data in use include data that is stored or processed in RAM, databases or CPUs. Requesting access to transaction history on a banking website or authorizing user login input are applications of data in use.

Security of data in use

Due to data in use being directly accessible by one or more users, data in this state is vulnerable to attacks and exploits. Additionally, security risks become greater as permissions and devices increase. Oftentimes, data in use could contain digital certificates, encryption keys and intellectual property which make it crucial for businesses to monitor. Common practices for protecting data in use include:

  • Tracking and reporting data access to detect suspicious activity and potential threats. For example, monitoring login attempts to platforms with sensitive information.
  • Strict access control and endpoint security management with authentication measures in place.
  • Full disk or memory encryption.
  • Well documented data loss prevention (DLP) and disaster recovery plans (DRP).
  • Non-disclosure agreements (NDA) for employees and stakeholders.
This was last updated in February 2019

Continue Reading About data in use

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How does your organization protect its data in use?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • data governance policy

    A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

SearchSecurity

  • intrusion detection system (IDS)

    An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such ...

  • Secure Shell (SSH)

    SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system ...

  • intrusion prevention system (IPS)

    An intrusion prevention system (IPS) is a network security and threat prevention tool.

SearchHealthIT

SearchDisasterRecovery

SearchStorage

  • cache memory

    Cache memory, also called CPU memory, is high-speed static random access memory (SRAM) that a computer microprocessor can access ...

  • capacity management

    Capacity management is the broad term describing a variety of IT monitoring, administration and planning actions that are taken ...

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

Close