We need to protect our data as well as we can regardless where it is and if it is in use or not.
- Data has 3 States: We want to protect it as well as we can in each state.
- Data at Rest (Stored Data):
- This is data on Disks, Tapes, CDs/DVDs, USB Sticks
- We use disk encryption (full/partial), USB encryption, tape encryption (avoid CDs/DVDs).
- Encryption can be Hardware or Software Encryption.
- Data in Motion (Data being transferred on a Network).
- We encrypt our network traffic, end to end encryption, this is both on internal and external networks.
- Data in Use: (We are actively using the files/data, it can’t be encrypted).
- Use good practices: Clean Desk policy, Print Policy, Allow no ‘Shoulder Surfing’, maybe the use of view angle privacy screen for monitors, locking computer screen when leaving workstation.
- Data at Rest (Stored Data):