The security of data is only constant if it stays in the same location and is subject to the same protective measures. But data very rarely stays in one place. You’ll often need to access it, share it with other people, or transfer it to a different storage location.

When it comes to keeping your data safe, you need to take into consideration its environment and conditions. For instance, is data safer when it’s in motion or sitting passively in a storage unit?

The Three States of Data

ransomware binary red feature

In order to understand the security risks and benefits of where your data is, you first need to understand the different states of it. Depending on your situation, the states might overlap, resulting in a different set of risks and benefits you’d have to take into account.

What Is Data at Rest?

Data is described as being at rest whenever it’s not moving from one location to the next. This definition also tends to include data that isn’t being accessed by any party, whether online or offline.

Data at rest is data stored on a physical device. This can be local on one of your devices, or on an external hard drive or USB stick. It also includes data stored remotely, like using cloud storage services to back up your files.

Generally, data at rest is the safest and most secure state for data. It allows for the use of strong encryption without having to worry about compromising security for a faster and more efficient encryption protocols.

Still, hackers often consider data at rest to be a valuable target, mostly due to its size. After all, the majority of companies and individuals don’t transfer massive volumes of data online because of the time and bandwidth required.

What Is Data in Transit?

Data in transit, also known as data in motion, is data that’s being moved from one location to another. This can occur online using the internet, through a private network, or offline from one storage unit to the next using a USB cable or Bluetooth.

However, data in transit isn’t a state exclusive to files or massive databases moving location. It’s any data undergoing an exchange, from text messages and phone calls to your browser's communication with a web server to request a web page.

Compared to its counterparts, data in transit is data at its most vulnerable. Measures that would otherwise be used to protect data at rest, such as strong encryption protocols, endpoint monitoring, and keeping it offline are harder to implement when data is on the move.

While not as valuable, amateur hackers and ones looking for an easy win often target data in motion. That’s especially true if the data partakes in a real-time exchange, where it needs to be encrypted and decrypted multiple times, which often leads to using a weaker but faster encryption protocol.

What Is Data in Use?

As the name suggests, data in use is the state of data whenever a person is using it, online or offline. But it’s not just people. Data is still considered in use if an app or software has access to it while it’s running, even in the background.

As for storage location, data in use can be stored locally on your device, externally on a storage unit, or remotely on a server that may not even be yours, like browsing photos through the Google search engine.

Data in use is where the different states of data tend to overlap. If you’re accessing files directly on your device, then it’s relatively secure. For someone to gain access to the same files, they’d either need to directly or remotely access your device or infect it with spyware that leaks the files to them.

If the data you’re accessing is online, for example, receiving text messages or files through a messaging app or email, then the data is considered in use and in motion. Hackers may be able to intercept the data flow if it weren’t encrypted.

You Can’t Choose One Over the Other

A lock with binary code

Understanding the varying risks between the different states of data doesn’t mean picking one state and keeping to it. Instead, becoming familiar with the risks of each state allows you to better set up protection and security measures that equate to the level of risks it faces.

Not to mention, data that can’t be turned into all three states poses a lot of difficulty to its owners and people who need access to it. Luckily, there are multiple ways you can secure data during all of its states.

Encryption

Whether you’re storing your data online or offline, encryption is essential. You can use a combination of RSA and AES symmetric encryption for the best results.

As for data in transit, consider switching to apps that use end-to-end encryption. That way, your data is encrypted and secure even at its most vulnerable.

When it comes to data in use, especially online, stick to websites that utilize SSL certificates resulting in HTTPS in the URL.

Keep Off the Internet Whenever Possible

Unless you’re someone with a bright target on your data, chances are no one would go to the trouble of hacking encrypted cloud storage or device to obtain it. While some cloud storage services—free and paid—promise security and privacy, it’s best to invest in your own external hard drives along with their backups.

Use a VPN

Using a trusted VPN is another way you can guarantee your privacy and security when exchanging data online. That’s because VPNs create an encrypted tunnel that links you with web servers on the open internet.

As long as the website you’re accessing is secure, VPNs can take care of the rest and prevent malicious individuals and ISP companies from tracking and stealing your browsing data.

Three locks and a chain going through them

When it comes to cybersecurity, older isn’t better. Viruses, spyware, and hacking techniques are constantly evolving and becoming smarter. In order to keep your data secure, regardless of its state or location, you need to stay up to date with the latest security risks and data security measures and precautions.