Data in Use
Data in use refers to data that is actively stored in computer memory, such as RAM, CPU caches, or CPU registers. It is not passively stored in a stable destination but is moving through various systems, each of which could be vulnerable to attack. Data in use can be a target for exfiltration attempts because it might contain sensitive information such as PCI or PII data.
To protect data in use, businesses can use encryption techniques such as end-to-end encryption (E2EE) and hardware-based approaches such as confidential computing. At the policy level, organizations should implement user authentication and authorization controls, review user permissions, and monitor file events.
Data leak prevention (DLP) software can detect that data in use is being attacked and alert security teams; in public cloud deployments, this is better achieved with data detection and response tools.