TL;DR: Securing data at rest, in use, and in motion requires different controls for storage, processing, and transmission, and the article frames encryption, access control, and monitoring as the core layers for reducing exposure. The practical lesson is that data protection fails when teams treat encryption as a single control instead of a state-specific governance model.
NHIMG editorial — based on content published by Netwrix: How to secure data at rest, in use, and in motion
Questions worth separating out
Q: How should teams secure data at rest without relying on encryption alone?
A: Teams should pair encryption at rest with strict key custody, access reviews, and rotation controls.
Q: Why do data in motion controls still fail in well-defended environments?
A: Data in motion controls fail when organisations assume the network path is trustworthy.
Q: How do organisations reduce exposure for data in use?
A: They reduce exposure by limiting which workloads, services, and users can decrypt data during processing, then logging those interactions.
Practitioner guidance
- Map controls to each data state: Define separate control requirements for data at rest, data in use, and data in motion.
- Treat key management as identity governance: Inventory who and what can access encryption keys, vaults, and certificate authorities.
- Harden session and transport trust: Use strong authentication for workloads and users that exchange sensitive data, then monitor transfers for unusual volume, destination drift, or unexpected privilege use.
What's in the full article
Netwrix's full blog post covers the operational detail this post intentionally leaves for the source:
- Encryption choices and implementation detail for each data state
- Practical handling of encryption keys, certificates, and secrets in day-to-day operations
- How to think about protection tradeoffs across storage, processing, and transfer
- The article's own FAQ-style explanations for common encryption questions