Data in Motion (DiM) is any information that moves across a wire to a new location. Here are the top cyber security best practices when dealing with DiM.
Data in Motion (DiM) is any information that moves across a wire to a new location. Think of DiM as the information customers send to your database or the data that you transfer from a database to a web server.
Data in motion can be intercepted and stolen by hackers using man-in-the-middle (MitM) attacks, sniffing tools attached to your network, or even hijacking a user’s email account.
DiM is the most vulnerable to theft since it’s no longer in control by your security administrators, so organizations must create standards when dealing with it to stay in compliance with major regulatory standards and to protect customers from identity theft.
How to Determine Data in Motion versus Data at Rest
When discussing the two states of data, data has two forms: data in motion (DiM) and data at rest (DaR). The two forms need cyber security standards to protect from vulnerabilities, but DiM is any information passed along a wire. Data at rest is the information you store on a database, storage device, optical media, or any other form where it’s archived and does not move to another user.
DaR can become DiM during the transfer of information, but once it becomes DiM cyber security administrators use different strategies to protect it. To determine when data is in motion, just ask yourself if the data is moving from one location to another. If the answer is “Yes,” then you have data in motion and you need to take the necessary precautions.
Several regulatory guidelines require that DiM is protected in specific ways. These guidelines include HIPAA, SOX, PCI DSS, FISMA and several more oversee the way user data is handled and best practices when working with specific types of data.
For instance, HIPAA has regulations for healthcare data. PCI and SOX oversee the way financial data is stored. If any of these regulatory organizations oversee your data, you must comply with best practices or face the possibility of high fines for data breaches from poor cyber security procedures.
Read more: IT Security Best Practices Checklist
What Risks are Involved with Data in Motion?
Once data leaves a secure storage device, it’s in motion and vulnerable. It’s vulnerable to insider threats even if it’s transferred only between two people within the organization. It’s even more vulnerable after it leaves the organization over the Internet.
The frustrating part of cyber security and DiM is that administrators no longer have control of any data once it leaves the internal network. This is what makes DiM so vulnerable and any internal cyber security is rendered useless.
The biggest risk with DiM is that it’s usually sent to someone outside of any strict organization’s cyber security rules. For instance, a customer service person could send data to an end-user by email. This data is secured on the network, but once it reaches the inbox of a third party, it’s vulnerable to attacks on that entity.
The third party could suffer from an attack on their email account, or the third party could send the data to another user. Cyber security standards are lost once your data leaves the organization, so rules overseeing DiM should be strict and distributed to all users on the network.
Related: Vulnerability Assessment vs. Risk Assessment
Avoiding Data Breaches with DiM
Cloud sharing tools are one of the biggest culprits in cyber security breaches. In November 2017, the US Pentagon exposed data when it failed to properly configure its Amazon Web Services account. In the same month, US Army intelligence documents labeled “Top Secret” were also exposed due to poor security settings.
With cloud tools, organizations must understand the right settings to protect the organization from data breaches. Although the data is stored in a secure cloud setting, data is moved to this location and intercepted as it moves from one location to another.
Other cloud storage devices are also at risk such as Google Cloud Storage or Dropbox. Employees might share data with users outside of the organization using these services, and they can be improperly secured accidentally by employees who don’t understand the implications of failing to restrict access to the public Internet.
It should go without saying that data passed over the Internet should be encrypted. It’s not uncommon for organizations to pass data along the wire within the organization unencrypted. This type of DiM has been a source of data breaches, including the Target credit card theft in 2013. While most standards don’t require encryption with internal data, you should encrypt it whenever possible to avoid an “easy” attack from an insider.
In no way should an employee send private data in email communication. All data should be reviewed, edited, and created on a controlled platform such as a web server. Users should not send private data in email, but you can’t control the information sent from a third party.
You can set regulations and standards for employees when they email customers. All employees should fully understand that sending data in email is a security risk and could expose the organization to fees and fines due to poor cyber security procedures. Should the recipient get hacked or send data to another entity, the organization has no control over DiM exposed in the process.
Automation is common in IT, but it shouldn’t be used when sending data to a third party. For instance, you might have data sent to a third-party marketing organization. All data should be reviewed before sending this type of data to someone outside of the organization. Any automation tools can have bugs or deliver the wrong data, and you can’t get it back. This would be an example of a data breach that would need to be reported, and it can lead to fines and lawsuits.
Securing DiM requires several steps. You first identify the data at risk and then determine if you must follow any regulatory standards that oversee the way that data is managed. Risk management gets involved with identifying any data and factors that could affect your DiM, so you should consult cyber security specialists that can help you find all data in motion that could be affected.
Once you know DiM is vulnerable to attacks, you can take the necessary steps to secure it. It could take analysis and change to current procedures, or it could be the addition to better encryption and cyber security implementations. Since this data is the most vulnerable to attacks, you should always use the best ways to ensure that hackers are unable to intercept it and use it for identity theft.