Browse Definitions :
Definition

data in use

Contributor(s): Laura Fitzgibbons

Data in use is data that is currently being updated, processed, erased, accessed or read by a system. This type of data is not being passively stored, but is instead actively moving through parts of an IT infrastructure. Data in use is one of three states of digital data -- the other two states are data in motion and data at rest.

Data states are used by information security professionals to identify endpoints where data should be encrypted. In addition to encryption, some important ways that data in use is protected include user authentication at all stages, strong identity management and well-maintained permissions for profiles within an organization.

Examples of data in use include data that is stored or processed in RAM, databases or CPUs. Requesting access to transaction history on a banking website or authorizing user login input are applications of data in use.

Security of data in use

Due to data in use being directly accessible by one or more users, data in this state is vulnerable to attacks and exploits. Additionally, security risks become greater as permissions and devices increase. Oftentimes, data in use could contain digital certificates, encryption keys and intellectual property which make it crucial for businesses to monitor. Common practices for protecting data in use include:

  • Tracking and reporting data access to detect suspicious activity and potential threats. For example, monitoring login attempts to platforms with sensitive information.
  • Strict access control and endpoint security management with authentication measures in place.
  • Full disk or memory encryption.
  • Well documented data loss prevention (DLP) and disaster recovery plans (DRP).
  • Non-disclosure agreements (NDA) for employees and stakeholders.
This was last updated in February 2019

Continue Reading About data in use

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How does your organization protect its data in use?
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance framework

    A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with...

SearchSecurity

  • DNS over HTTPS (DoH)

    DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a ...

  • integrated risk management (IRM)

    Integrated risk management (IRM) is an approach to risk management that uses a set of practices and processes to improve an ...

  • MITRE ATT&CK framework

    The MITRE ATT&CK (pronounced 'miter attack') framework is a free, globally accessible service that provides comprehensive and ...

SearchHealthIT

  • telemedicine (telehealth)

    Telemedicine is the remote delivery of healthcare services, such as health assessments or consultations, over the ...

  • Project Nightingale

    Project Nightingale is a controversial partnership between Google and Ascension, the second largest health system in the United ...

  • medical practice management (MPM) software

    Medical practice management (MPM) software is a collection of computerized services used by healthcare professionals and ...

SearchDisasterRecovery

SearchStorage

  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification and is used in internally mounted ...

  • kilobyte (KB or Kbyte)

    A kilobyte (KB or Kbyte) is a unit of measurement for computer memory or data storage used by mathematics and computer science ...

  • virtual memory

    Virtual memory is a memory management capability of an operating system (OS) that uses hardware and software to allow a computer ...

Close