With data in motion, encryption efforts are made more complicated because of the potential parties who may have access to the data while it's in transit.
Data in motion, as the term implies, is data on the move from one point to another. As with its counterparts, data at rest and data in use, encryption is meant to be applied comprehensively, but in practice not everyone uses it that way. When data is a moving target, it's a little more complicated.
"Probably the most common challenge with data in motion as opposed to data at rest is understanding all the parties who have access to data while it is in transit," said Alex Pezold, CEO of TokenEx, a data security consultancy headquartered in Tulsa, Oklahoma. "From authentication to authorization, protecting data in transit introduces many technologies which all need to be secured."
The approach taken in securing transmitted data will largely depend on the value of the data. Finance and health care, for example, will require compliance with industry standards such as PCI-DSS and HIPAA, respectively.
Klingon Not Necessary
Even if you understand the concept of data flow holistically (your neighbor sysadmin may be able to talk about it in fluent Klingon), identifying all potential risks is not an easy task. "My suggestion to any IT pro trying to manage data in motion would be to make sure you understand the sensitivity of the data being transmitted and the controls necessary to protect such data to ensure the authenticity, authority and integrity," says Pezold.
Modern businesses communicate all the time, using a multitude of formats and platforms on both wired and wireless networks. Add attack surfaces such as cloud services and IoT-enabled devices, and the scope of the problem becomes clear.
"Data in motion requires a complete understanding of the data flow, from end to end," reminds Pezold. "Included in this understanding are any technologies that could impact it and [the identification of locations] where possible hijacking opportunities exist."
Whether or not the link is point-to-point, attackers will try to intercept communications, and they often use the same tools your own shop does to analyze traffic. As Pezold notes, "it is typically analyzed using network sniffers and packet capture technologies. These technologies allow an IT analyst to capture, analyze and troubleshoot issues with data in motion."
Integrity and Public Services
Data integrity is crucial and, according to Pezold, "can be achieved through HMAC where a checksum of sorts is used to ensure data has not been tampered with and that the message originated from the actual sender instead of someone else."
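The distinction Pezold draws, between a "checksum of sorts" and a keyed HMAC, is the whole point: a plain hash can be recomputed by anyone who edits the message, while an HMAC tag can only be produced by a holder of the shared key. The following is an added example written for this page, not code from the article or from TokenEx; the shared key and the payment record are constructed values. It sends the same record once with a bare SHA-256 checksum and once with HMAC-SHA256, then lets an interceptor change the amount and see which receiver notices.

```python
import hashlib
import hmac

# Constructed 32-byte shared secret for this example. In practice it is
# provisioned out of band to both endpoints; key management is the hard part.
SHARED_KEY = bytes.fromhex(
    "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
)

# Constructed sample message: a small payment record as a protocol might send it.
SAMPLE_MESSAGE = b'{"from":"acct-1001","to":"acct-2002","amount":"100.00"}'


def unkeyed_checksum(message: bytes) -> bytes:
    """A plain hash: detects accidental corruption only, not deliberate edits."""
    return hashlib.sha256(message).digest()


def make_hmac(key: bytes, message: bytes) -> bytes:
    """Keyed tag: only a holder of `key` can compute a valid one."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_hmac(key: bytes, message: bytes, received_tag: bytes) -> bool:
    """Recompute and compare in constant time; never use == on MAC tags."""
    return hmac.compare_digest(make_hmac(key, message), received_tag)


def attacker_tamper(message: bytes) -> bytes:
    """Man-in-the-middle edit: change the amount while the record is in flight."""
    return message.replace(b'"amount":"100.00"', b'"amount":"900.00"')


def demo_tamper_results() -> dict:
    """Protect the record two ways and see which one an interceptor can forge."""
    results = {}
    forged_msg = attacker_tamper(SAMPLE_MESSAGE)

    # 1. Checksum only: the attacker edits the message and recomputes the
    #    checksum; no secret is needed, so the receiver cannot tell.
    forged_sum = unkeyed_checksum(forged_msg)
    results["checksum_accepts_forgery"] = hmac.compare_digest(
        unkeyed_checksum(forged_msg), forged_sum
    )

    # 2. HMAC: the attacker can still edit the message but cannot produce a
    #    matching tag without SHARED_KEY.
    sent_tag = make_hmac(SHARED_KEY, SAMPLE_MESSAGE)
    attacker_guess_key = b"password"  # the attacker does not hold SHARED_KEY
    forged_tag = make_hmac(attacker_guess_key, forged_msg)
    results["hmac_accepts_forgery"] = verify_hmac(SHARED_KEY, forged_msg, forged_tag)
    # Reusing the genuine tag on the edited message fails as well.
    results["hmac_accepts_replayed_tag"] = verify_hmac(SHARED_KEY, forged_msg, sent_tag)
    # The untouched message from the real sender still verifies.
    results["hmac_accepts_genuine"] = verify_hmac(SHARED_KEY, SAMPLE_MESSAGE, sent_tag)
    return results


if __name__ == "__main__":
    for check, outcome in demo_tamper_results().items():
        print(f"{check}: {outcome}")
```

Two caveats a practitioner will want: an HMAC proves integrity and origin but gives no confidentiality, so the payload still needs to be encrypted in transit, and it does not by itself stop replay of a genuine message with its genuine tag, which needs a sequence number or timestamp inside the authenticated data.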
Do your users share critical data with others through public cloud services? Don't let them, at least not until the service has been verified to encrypt data both in transit and at rest; not every public service does. Better still, encrypt the data at the source: a copy that is intercepted or leaked is then useless to a third party who does not hold the key. Do your users connect to free Wi-Fi hotspots? Tell them to stop; an open hotspot is an obvious place for an attacker to intercept sensitive traffic.
If you're truly serious about securing your data, invest in a managed file transfer (MFT) system to ensure secure communication with business contacts. Use encryption at every point of the data journey, whether that is a VPN for remote access, SFTP or FTPS in place of plaintext FTP, SSH, TLS, or cloud access, and require multifactor authentication where possible to limit what a compromised employee machine or credential can reach. Combing through log files after the fact can confirm that a breach happened, but at today's data volumes it is too slow to stop one; real-time monitoring and response are what's needed. Does your security posture for data in motion need improvement?