Data comes in all shapes and sizes, but most experts classify data into three states. The first is "Data at Rest", which is, as the name implies, static data that is not being manipulated. The second state is called "Data in Motion", sometimes referred to as "Data in Transit", and it is data that is traveling across a network. The third state is "Data in Use", which is data that is actively being manipulated and changed in some way. Security is an important consideration no matter what state of data you are dealing with, and I'm going to compare and contrast two of these states, data at rest and data in motion. Many encryption methods, tools, and techniques exist for each category, and it is important to choose and use at least one.
For most people, data at rest is going to be on their hard drive, external backup hard drives, CDs, DVDs, and flash drives. Since this data can be physically stolen, the strength of the encryption must be high so that if it is stolen, the thief cannot simply use a brute force cracker to quickly break the encryption. Many free and professional applications exist to perform such encryption, such as TrueCrypt, which is a free, open-source, multi-platform encryption tool. TrueCrypt will encrypt the data, which can then only be unlocked with the correct password. With data at rest, the decryption key, a password, is stored in the owner's head. Remembering a password is much more secure than having to store it somewhere or having to transmit it, as long as you don't write it down. Some data-at-rest encryption methods can take a while to run and aren't the best choice in time-sensitive situations; Microsoft's BitLocker, for example, took about 10 minutes to complete when I ran it.
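To make the "password in the owner's head" point concrete, here is an added example (not from the original article, and not the code of TrueCrypt or BitLocker) of how a password can be stretched into a key so that each brute-force guess is expensive and nothing secret is stored with the data. The function names, the header layout and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor: every password guess must repeat this many rounds

def _subkey(master: bytes, label: bytes) -> bytes:
    # Derive an independent 32-byte key for one purpose from the master key.
    return hmac.new(master, label, hashlib.sha256).digest()

def derive_keys(password: str, salt: bytes, iterations: int):
    """Stretch a password into (encryption_key, check_key); neither is ever stored."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return _subkey(master, b"encrypt"), _subkey(master, b"check")

def create_header(password: str, iterations: int = ITERATIONS) -> dict:
    """What gets written to disk: a random salt, the work factor, and a verifier."""
    salt = os.urandom(16)
    _, check_key = derive_keys(password, salt, iterations)
    return {"salt": salt, "iterations": iterations,
            "verifier": _subkey(check_key, b"volume-header")}

def unlock(header: dict, password: str):
    """Return the 32-byte encryption key, or None if the password is wrong."""
    enc_key, check_key = derive_keys(password, header["salt"], header["iterations"])
    candidate = _subkey(check_key, b"volume-header")
    return enc_key if hmac.compare_digest(candidate, header["verifier"]) else None

def exhaustive_search_seconds(alphabet_size: int, length: int,
                              seconds_per_guess: float) -> float:
    """Worst-case time to try every password of the given length."""
    return (alphabet_size ** length) * seconds_per_guess

if __name__ == "__main__":
    import time
    header = create_header("correct horse battery staple")  # constructed sample password
    start = time.perf_counter()
    assert unlock(header, "password123") is None  # a wrong guess is rejected
    per_guess = time.perf_counter() - start       # measured cost of one guess on this machine
    assert unlock(header, "correct horse battery staple") is not None
    years = exhaustive_search_seconds(62, 10, per_guess) / (3600 * 24 * 365)
    print(f"{per_guess:.3f} s per guess; 10 random alphanumerics: about {years:.2e} years")
```

The printed estimate assumes one guess at a time on the machine running the script; it illustrates how the work factor and password length multiply, not a guarantee against faster hardware.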
Data in motion is more troublesome to secure because it must be encrypted, sent, and then possibly decrypted. Decryption requires that the decryption key either be sent along with the data or that there is some type of public key to be used in decryption. The extremely popular RSA encryption uses public key cryptography, in which a public and a private key are needed for secure encryption and decryption. Public key cryptography requires a global database of public keys that can be used for encryption and a private key for decryption. SSL (Secure Sockets Layer) is another common data in motion encryption method. Cryptography methods for use on the Internet need to be relatively efficient and fast because of the high speed of web traffic.
Both data at rest and data in motion need to be secured, but the methods for each are different. Data at rest was the first to be encrypted, since back when computers were first invented, there were no interconnections between computers and so no data in motion. Now, with the pervasiveness of the Internet, cryptography for data in motion has become just as important. Each method has pros and cons, but there is definitely one that is right for you.
Data Storage Encryption: Data At Rest vs. Data in motion