Data in motion, also known as data in transit, refers to data that is actively moving across devices and networks. This includes files and folders sent or shared through email providers; data passing between public cloud, private cloud, and devices; and information shared through applications and integrations. Data in motion is the most active of the three states of data, among data in use and data at rest.
Data in motion can greatly challenge organizations to maintain control over their information, especially because remote work is becoming more common and company data spreads rapidly across devices and networks. As applications integrate with each other and make data sharing more seamless, unauthorized third-party applications may also gain access to sensitive data.
Methods of securing data in motion
Email, one of the most common methods for transmitting data, can be subject to hacks and unauthorized access. Because businesses constantly transfer files, file-level encryption is one of the most straightforward ways to protect them. File encryption encrypts a file for the duration of its passage across networks and devices: it stays encrypted until the designated recipient chooses to decrypt it. Asymmetric, or public-key, encryption is a more secure method of protecting data in motion because though it offers a public encryption key, visible to many who can encrypt it, only the owner of the private key (typically one user) can decrypt it. This protects data until it reaches its destination and is decrypted by an authorized user.
For organizations with many employees and many devices, especially ones scattered geographically, security for data in motion is extremely important. If employees are using public Wi-Fi networks, their devices should allow Opportunistic Wireless Encryption (OWE) and Wi-Fi Enhanced Open, which encrypt public Wi-Fi sessions, to protect sensitive data. But ideally, a company that is constantly transferring data between networks and devices should implement a virtual private network.
Virtual private networks (VPNs) require users to authenticate themselves before using a designated, private Internet network that belongs to that organization or individual. Would-be hackers or eavesdroppers cannot spy on a user’s Internet traffic while they are using a VPN. This helps protect data in motion while it moves across devices and servers. Virtual private networks are especially helpful for corporations that have employees in different locations and are extremely important for companies that regularly transmit sensitive data (such as financial or medical organizations).
For companies that heavily use cloud computing, finding a good cloud security provider is paramount. Good cloud security providers do exist, but some cloud environments have let data security slip through the cracks. It’s very challenging to secure data when it travels across different environments, especially the cloud, which is nebulous at best and unprotected at worst. One cloud security provider is McAfee, which offers MVISION Endpoint, an endpoint security platform that includes data loss prevention, endpoint security, and endpoint threat detection and response. Cloud access security brokers also monitor cloud access for organizations, requiring user authentication and monitoring cloud activity.