Readings: Protecting Data at Rest with Device Encryption

From your day to day computer use, provide examples of when data is at rest and when it is in transit.

Examples of Data at rest:Email messages stored in your local email client or server when they are not being accessed or transferred.Data stored on mobile devices like smartphones or tablets when they are not being actively used or synchronized with other devices.Archived data that is backed up and stored in offline storage systems like tape drives or optical discs.

Examples of Data in transit:When you send an email, the message is transmitted from your device to the email server or service.Uploading or downloading files from a cloud storage service or a file-sharing platform.When you browse the internet and request web pages or download files, the data is transmitted between the web server and your device.

Explain the role data encryption with regards to the CIA triad.

Confidentiality: Data encryption helps ensure confidentiality by transforming plaintext (unencrypted data) into ciphertext (encrypted data) using encryption algorithms. Encryption makes the data unreadable and unintelligible to unauthorized individuals or entities who may intercept or access the data.

Integrity: Encryption also contributes to data integrity. By using cryptographic algorithms, encryption can create digital signatures or message authentication codes (MACs) that accompany the encrypted data. These signatures or MACs provide a way to verify the integrity of the data during transit or when it is at rest. Any unauthorized modification or tampering of the encrypted data would be detected, as the signature or MAC would fail to match the decrypted data. Thus, encryption helps ensure that data remains unaltered and maintains its integrity.

Availability: While encryption primarily focuses on confidentiality and integrity, it indirectly supports availability. By protecting sensitive data through encryption, organizations can mitigate the risk of data breaches and unauthorized access, which can lead to service disruptions or unavailability of data. Encryption helps prevent unauthorized individuals from accessing and manipulating data, thus contributing to the overall availability of the data and the systems that store or transmit it.