"Data at rest
" means the bank account information, including login credentials and passwords, that must remain in a database for at least seven years for regulatory reasons.
With just months to go, companies should have clear thinking in place with regard to securing both data at rest
and in transit--but with so many vendors insisting that rip and replace of encryption devices is the only option, it is little surprise that many companies have failed to make the change.
For that to happen, all data in transit and all data at rest
(in India) would have to be defensibly encrypted, with keys residing in Germany.
Traditional BI solutions such as Qlik-View and Tableau have only yielded results on data at rest
. According to Clegg, "The world that we operate on is the world of what some call data in motion.
At Motorola Solutions, a telecommunications solutions provider for government and enterprise customers, network and handset precautions encompass securing data at rest
as well as in motion.
Computer security specialist Loshin explains how to to protect data in motion through the Internet using Gnu Privacy Guard (GnuPG) encryption software, and more briefly how to protect data at rest
by using full disk encryption on modern operating systems.
There is no good way to correlate data at rest
with data in motion (including operational and transient data that will never be stored in databases) with external data (suppliers, partners, customers via social networks all beyond the firewall) with data from mobile devices with data from cloud applications without an integrated backbone.
Other recommendations include standard security blocking and tackling, including the use of firewalls and endpoint security software, encryption of data at rest
and during transmission, and rigorous access controls to healthcare networks.
Gazzang solutions transparently encrypt and secure data at rest
and provide customers with a policy-based key manager that returns control of the cryptographic keys to the data owners, instead of cloud or operating system administrators.
* DATA AT REST
: Certain systems, such as customer relationship management (CRM) systems or policy administration systems, serve as the source of input information to other systems.
Data at rest
has long been protected by technology called public key infrastructure (PKI), in which data is encrypted when it's created by a public key and only decrypted, in theory, by an authorised person holding the private key.
There are also potential issues with trying to index data that is in encrypted form in the database, so encryption approaches will have to examine not only data in flight (point to point encryption) as well as data at rest
(databases and other forms of storage).