Data States

Data states refer to the different conditions in which data exists, encompassing both structured and unstructured information. They are typically divided into three categories: at rest, in use, and in transit.

Data at Rest

Data stored on physical or digital media that is not actively being processed or transmitted.

  • Examples: Databases, File servers, Cloud storage, Backups, Endpoint devices  
  • Security Controls:
    • Encryption: Full disk, file-level, and database encryption to protect confidentiality.  
    • Access Controls: Role-Based Access Control (RBAC) and the principle of least privilege.  
    • Data Loss Prevention (DLP): Identifies and protects sensitive stored data.  
    • Integrity Controls: Hashing and checksums to detect unauthorized modifications. 
    • Availability Controls: Backups, redundancy, and disaster recovery plans.  
    • Cloud Access Security Broker (CASB): Enforces policies for cloud-stored data.  
    • Mobile Device Management (MDM): Secures data on mobile endpoints (e.g., remote wipe, enforced encryption).

Example

echo # prints text to standard output
"Qeeqbox" # the exact string being printed
> # redirects output into a file (overwrites the file if it already exists)
file.txt # destination file

echo "Qeeqbox" > file.txt

ls # list directory contents
-l # use the long listing format (permissions, owner, size, date)
file.txt # the specific file to show information about

ls -l file.txt
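As an added example (not part of the original page), the following script combines two of the data-at-rest controls listed above: least-privilege file permissions and a hash baseline used as an integrity control. File names, directory and contents are constructed for the demo; it creates everything under a temporary directory and removes it afterwards.

```shell
# Added example: least-privilege permissions plus a SHA-256 baseline for a file at rest.

# Print the SHA-256 digest of a file (sha256sum on Linux, shasum on macOS).
file_digest() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Create a file that only its owner can read and write (mode 600 via umask 077).
create_private_file() {
  ( umask 077 && printf '%s\n' "$2" > "$1" )
}

# Return 0 if the file's mode string is -rw------- (owner-only), 1 otherwise.
is_owner_only() {
  [ "$(ls -ld "$1" | cut -c1-10)" = "-rw-------" ]
}

# Record the file's current digest in a baseline file for later comparison.
record_baseline() {
  printf '%s  %s\n' "$(file_digest "$1")" "$1" > "$2"
}

# Return 0 if the file still matches the recorded baseline, 1 if it was modified.
check_integrity() {
  expected=$(cut -d' ' -f1 "$2")
  [ "$(file_digest "$1")" = "$expected" ]
}

# Demo: constructed file in a temporary directory; a simulated change is detected.
demo_at_rest() {
  dir=$(mktemp -d)
  create_private_file "$dir/file.txt" "Qeeqbox"
  record_baseline "$dir/file.txt" "$dir/file.txt.sha256"
  is_owner_only "$dir/file.txt" && echo "permissions: owner-only" || echo "permissions: TOO OPEN"
  check_integrity "$dir/file.txt" "$dir/file.txt.sha256" && echo "integrity: unchanged" || echo "integrity: MODIFIED"
  printf 'tampered\n' >> "$dir/file.txt"   # simulate an unauthorized modification
  check_integrity "$dir/file.txt" "$dir/file.txt.sha256" && echo "integrity: unchanged" || echo "integrity: MODIFIED"
  rm -rf "$dir"
}

demo_at_rest
```

The baseline file must itself be stored somewhere the writer of the data cannot reach (a separate host, a read-only location), otherwise whoever modifies the data can simply re-record the hash; this is the same reason file-integrity monitoring products keep their database off the monitored system.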

Data in Use

Data actively accessed, processed, or modified by users or applications, typically in memory (RAM).

  • Examples: Editing documents, Running applications, Processing transactions  
  • Security Controls:
    • Access Controls & Authentication: Ensures only authorized users or processes can access data.  
    • Privileged Access Management (PAM): Monitors and restricts administrative access.  
    • Rights Management (Digital Rights Management/Information Rights Management): Controls usage (e.g., restricts copy, print, and forwarding).  
    • Endpoint Security: Endpoint Detection and Response (EDR) and antivirus solutions to detect malicious activity during use.  
    • Data Masking/Tokenization: Protects sensitive data during processing.  
    • Session Controls: Implement timeouts, re-authentication, and continuous monitoring.  
    • DLP (Endpoint): Prevents unauthorized actions, such as copying to USB devices.  

Note: Traditional encryption does not fully protect data in use since it must be decrypted in memory. Advanced methods like confidential computing exist but are not yet standard.

Example

nano # open the nano text editor
file.txt # target file to open or create

nano file.txt

ps aux # list all running processes with details
| # pipe sends the output of the left command to the right command
grep nano # keep only lines containing "nano" (the grep process itself also matches)

ps aux | grep nano
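As an added example (not from the original page), this script shows the data-masking control listed above for data in use: a card-style number is reduced to its last four digits before it is displayed, and a stream of application log lines is redacted on the way out. The numbers and log lines are constructed sample values.

```shell
# Added example: masking sensitive values while they are being processed or logged.

# Replace every digit except the last four with X, keeping separators (spaces, dashes).
mask_pan() {
  pan=$1
  last4=${pan#"${pan%????}"}                       # the final four characters
  head=$(printf '%s' "${pan%????}" | sed 's/[0-9]/X/g')  # everything before them, digits masked
  printf '%s%s\n' "$head" "$last4"
}

# Redact any 16-digit run in a text stream, e.g. log lines written during processing.
redact_stream() {
  sed -E 's/[0-9]{12}([0-9]{4})/XXXXXXXXXXXX\1/g'
}

# Demo on constructed values standing in for what an application might emit.
demo_in_use() {
  mask_pan "4111 1111 1111 1111"
  printf '%s\n' \
    "2024-01-01 order=42 pan=4111111111111111 status=ok" \
    "2024-01-01 order=43 pan=5555555555554444 status=declined" \
    | redact_stream
}

demo_in_use
```

Masking what leaves the process is a display and logging control; as the note above says, the full value is still present in memory while it is processed, which is why endpoint controls and session limits sit alongside masking rather than replacing encryption at rest and in transit.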

Data in Transit

Data that is transmitted between systems, networks, or users.

  • Examples: Emails, Web traffic, File transfers, API communications  
  • Security Controls:
    • Encryption in Transit: Utilize TLS/SSL (HTTPS), secure email encryption, and VPNs.  
    • Secure Protocols: Use SFTP and SSH instead of insecure protocols like FTP and Telnet.  
    • DLP (Network): Monitors and blocks unauthorized data exfiltration.  
    • CASB: Controls data movement to and from cloud services.  
    • Integrity Controls: Use digital signatures to verify authenticity and prevent tampering.  
    • Network Security Monitoring: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) to detect attacks and anomalies.  
    • Rights Management (DRM/IRM): Maintains usage restrictions after sharing.  

Example

curl # run the curl command-line transfer tool
https://qeeqbox.com/dummy.txt # URL of the file to download
-o file.txt # save the downloaded content as "file.txt"

curl https://qeeqbox.com/dummy.txt -o file.txt
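As an added example (not from the original page), this wrapper enforces the "encryption in transit" and "secure protocols" controls listed above around the curl download shown in the page's example: it refuses cleartext schemes such as http, ftp and telnet, allows only https on redirects, requires TLS 1.2 or newer, and fails instead of saving an error page as the file. The hostnames under example.invalid are constructed placeholders.

```shell
# Added example: allow only encrypted transport for a download.

# Return 0 if the URL scheme is one of the secure protocols named above, 1 otherwise.
require_secure_url() {
  case $1 in
    https://*|sftp://*|ssh://*|scp://*) return 0 ;;
    http://*|ftp://*|telnet://*)
      echo "refusing cleartext protocol: $1" >&2; return 1 ;;
    *)
      echo "unknown scheme: $1" >&2; return 1 ;;
  esac
}

# Map an insecure protocol name to the secure replacement listed on the page.
secure_alternative() {
  case $1 in
    ftp)    echo "sftp" ;;
    telnet) echo "ssh" ;;
    http)   echo "https" ;;
    *)      echo "$1" ;;
  esac
}

# Download a URL only over TLS; curl is never invoked for a cleartext URL.
download_over_tls() {
  url=$1; dest=$2
  require_secure_url "$url" || return 1
  curl --proto '=https' --proto-redir '=https' --tlsv1.2 \
       --fail --silent --show-error --location \
       --max-time 30 --output "$dest" "$url"
}

# Demo: the cleartext URL is blocked before any network traffic happens.
download_over_tls "ftp://files.example.invalid/dummy.txt" /dev/null \
  || echo "download blocked (use $(secure_alternative ftp) instead)"
```

The page's own command would become `download_over_tls https://qeeqbox.com/dummy.txt file.txt`; the `--proto-redir '=https'` option matters because a plain `-o` download will follow a redirect from https to http silently, which would move the transfer out of the "encrypted in transit" state.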