Skip to content

Ops 401: Class 07

Jump to bottom
Nicholas Loiacono edited this page Apr 25, 2023 · 1 revision

Data at rest refers to data that is stored on a device or within a system, such as a computer, server, or mobile phone, while not being actively used or transferred. Data in transit, on the other hand, refers to data that is being actively transferred or moved between devices, networks, or systems.

Examples of data at rest:

A document saved on your computer's hard drive. A spreadsheet stored on a cloud storage service like Google Drive. An email stored in your email client's inbox. A database of customer information on a company server. Examples of data in transit:

Sending an email from your computer to a recipient. Uploading a file from your computer to a cloud storage service. Streaming a video from a website to your device. Transferring data between two servers over the internet. The CIA triad stands for Confidentiality, Integrity, and Availability. It is a widely accepted framework for evaluating and implementing information security measures. Data encryption plays a critical role in maintaining the CIA triad:

Confidentiality: Encryption helps ensure confidentiality by scrambling data into an unreadable format that can only be accessed by authorized parties with the appropriate decryption keys. This prevents unauthorized individuals from accessing sensitive information, either when it's at rest or in transit.

Integrity: Encryption can also help maintain data integrity by protecting it from tampering and unauthorized modification. When data is encrypted, any changes made to it by unauthorized parties will usually result in unreadable or corrupted output upon decryption, which can signal that the data has been tampered with.

Availability: Although encryption primarily focuses on confidentiality and integrity, it can indirectly contribute to data availability by ensuring that sensitive data remains accessible only to authorized users. If data is properly encrypted and secured, it reduces the risk of breaches, unauthorized access, or loss, ultimately ensuring that the data is available when needed by authorized parties.

In summary, data encryption plays a crucial role in maintaining the CIA triad by safeguarding information from unauthorized access, ensuring data integrity, and indirectly contributing to the availability of data for authorized users.

References https://www.digitalguardian.com/blog/data-protection-data-in-transit-vs-data-at-rest

Clone this wiki locally