What Is Data At Rest Encryption?
Data at rest encryption basically means protecting data that's not moving through networks. The protection in this case is offered via encryption. The easiest way to answer this question is to explain what "data at rest" means.
Data at rest refers to data that is not "moving." For example, information on your laptop is considered data at rest. Sure, your laptop is a mobile device, so it's natural that the laptop and its content will be moving at some point. However, as long as the data is not moving off the laptop's hard disk drive, it's considered data at rest.
If you copy the data to a USB memory stick, then you've got two sets of data at rest: one on the laptop's hard disk, one on the USB memory stick.
Conversely, data moving through networks are not considered to be data at rest. For example, if you send an e-mail, that's not data at rest. If the e-mail is received and archived, then it's data at rest.
As you can see from the above example, whether data is at rest or not depends on what that data is doing.
Why the classification?
It may be because, depending on what type of encryption you use, your data may not be adequately protected.
Take full disk encryption as an example. Full disk encryption encrypts the hard drive completely: Anything saved on an encrypted hard drive will be protected automatically...as long as it resides on the drive.
To clarify that last point, if you copy a file off the encrypted hard drive or e-mail it to someone, that information will not be encrypted anymore. A copy of the file left behind will still be protected, since it's still on the hard drive; however, the new file that was copied over will not be.
If you will, it's like paper documents: a classified report placed in a locked vault is protected. Take it out and it's not so much.
If you'd like encryption that moves with the file, you need to use file encryption software.
So, depending on whether your data is at rest or not, you'll need to invest in the right type of encryption software.
Article source: alertboot.com
No comments:
Post a Comment