An organization will select appropriate security controls to protect from disclosure or undetected alterations to data whether it is at rest, in use, or in transit. This can include passwords, backups, cryptography, etc.
Data at rest control examples are:
- Encryption
- Secure password management
- Labeling removable media
Data in use and in transit control examples are:
- End-to-end encryption
- Link encryption
- Monitoring and surveillance tools
- Data Loss Prevention technology
Data disposal control examples are:
- Data destruction/remanence
- Erasure
- Clearing
- Purging
- Degaussing
Cybersecurity Fundamentals 