Data in Motion: How to Protect Information in Transit
Data in motion is information moving between two locations. That data could pass between two devices on the same network or between two entirely different computer systems.
Data in transit is vulnerable to attack. And if you lose this information, penalties could cripple your organisation’s financial health and reputation. Luckily, there are way to ensure that only the right people can access the right information when they need it.
We’ve outlined information about data in motion and how to protect it.
Data in motion definition
Digital information transferred between two locations is data in motion. This same concept is sometimes called data in flight, data in transit, or simply data motion.
You've used data in motion if you have:
- Saved on the cloud. A document originates on your computer, but you push it to a virtual server so you can grab it later.
- Downloaded from a server. You've found a document on another machine that you'd like to reside on your own, so you download or copy it.
- Sent a file. You have a file that someone else needs, so you attach it to an email.
The moment at which it leaves the origin, this piece of information becomes data in motion. When it arrives, it becomes data at rest.
How can you protect data in motion?
Information in transit is catnip for hackers. If they can intercept or steal data as it flies from one place to another, they can achieve their nefarious goals.
Preventing theft and spying is good for business. In some regulatory environments, it's critical. For example, if your business is subject to PCI-DSS, one violation of data privacy could cost your company $500,000. If customers hear you're not protecting their data, you could lose even more.
There are three major data-protection strategies.
- Encryption. Almost every piece of data in motion is protected via encryption. In fact, 92 percent of traffic to Google in the United States is encrypted. If you're not protecting your data with this simple step, you could leave yourself open to theft and spying.
- Rule-making. Are you sharing data when it's not necessary? Are you asking others to send you information you don't really need? A firm set of regulations can help ensure that you're only putting data in motion when absolutely necessary.
Some companies set general policies that restrict data sharing. Others craft specific rules about file sizes, destinations, and approved users.
- Tracking. The moment the data movement begins is critical. Mark that moment, including capturing the originating party, the destination, the file, and more. If you spot an anomaly, shut down access.
Employee education can help too. Ensure your staff understands how their data is at risk and confirm they use tools like a virtual private network (VPN) or identity and access management software when accessing your files from unsecured locations.
Find out more about what a VPN is and how it works (and share this blog post with your staff too!).
Identity and access management (IAM) tools can also go a long way toward protecting your data wherever it resides and wherever users need it—whether in the cloud or on premises. Learn more about Okta’s identity and access management solutions.
References
PCI-DSS: Security-Penalties. UC Santa Cruz.
HTTPS Encryption on the Web. Google Transparency Report.