Protecting Data at Rest with Device Encryption.md - Juan-bit94/Ops401D10 GitHub Wiki

Protecting Data at Rest with Device Encryption

Why does this topic matter?

  • This topic matters because protecting data is a major priority for a cybersecurity professional. Knowing how to protect data at rest is a valuable skill to have.

From your day-to-day computer use, provide examples of when data is at rest and when it is in transit.

  • In my day-to-day computer use, I would say that my data is at rest when I save files on my hard drive and when I download programs such as video games from Steam.
  • For data in transit, my computer sends and receives information daily via notifications, emails, and streaming video content on HBO.

Explain the role of data encryption with regard to the CIA triad.

  • Data encryption plays an important role in the CIA triad. Encryption is used to ensure both the confidentiality and the integrity of the data.
  • With encryption, data at rest is secured from unauthorized individuals by making the information unreadable without the proper key. While in transit, encryption via SSH or OpenSSL tunneling makes it difficult for intruders to view the data as it is being sent.
  • When it comes to integrity, encryption methods are used to produce a hash based on the data itself. If the data is altered, a new hash can be computed and compared, and if it does not match the original one then we know the data has been changed. This is very useful in avoiding disputes, disruptions, and distrust of the data.

Things I would like to know more about.

  • I would like to know about ways the encryption of data at rest could be automated. I understand that not all data could be encrypted due to resource availability and impacts on network performance. So knowing how data could be categorized and efficiently encrypted via automation would be of great interest to me.