Cybersecurity, Data-at-Rest Encryption, and FIPS 140-2

Cybersecurity.

It’s the buzzword that keeps rearing its worrisome head in technology-related meetings across the globe. We can chat about COTS and custom rugged computers all day, but why progress any further if cybersecurity isn't a part of the discussion from the very beginning? Unfortunately, your critical data is always at risk, but thankfully, there are several measures you, your business, or your organization can implement to ensure that risk doesn’t turn into regret.

When discussing cybersecurity, concepts like data at rest, data in transit, data in use, which together make up the three states of digital data, as well as the specific measures implemented to curtail cyberattacks, inevitably become a part of the larger data protection conversation, but just what is data at rest, data in transit, and data in use? Furthermore, how can your knowledge of these concepts assist you when making decisions about how to protect your critical data?

Data at rest (DAR) is inactive data stored physically in any digital form, including databases, data warehouses, spreadsheets, archives, tapes, off-site backups, mobile devices, and more. Data in use (DIU), on the other hand, refers to active data stored by a computer’s RAM and CPU, while data in transit (DIT) refers to data transferred over both public and private networks, most often local area networks (LANs).

This harmless, everyday data may seem protected by your traditional firewalls, antivirus software, unique username, seemingly complicated password, and document locks; however, despite these standard security measures, your critical data is still subject to serious, potentially catastrophic threats from hackers, whose complex software- and hardware-level threats are more sophisticated today than ever before.

Data processing, transference, and storage, which are performed on the battlefield, in the air, on the ground, nearly everywhere, are processes that are subject to exploitation via a cyberattack, and thus, theft or deletion of some or all of a business’ or organization’s critical data.

To prevent this data from being accessed, modified, or stolen, businesses and organizations often employ password protection, data encryption, or a combination of both. The security options used for this type of data are often referred to as data at rest protection (DARP) and include a variety of cryptographic architecture solutions, such as key management, data at rest encryption for data at rest and data in transit, and FIPS 140-2, which is a U.S. government computer security standard used to validate and approve cryptographic hardware.

These cybersecurity requirements and others are being levied on numerous U.S. government programs today. A combination of some or all available solutions is needed to help secure, protect, and preserve the integrity of our government's critical data, which supports crucial infrastructural activities.

Trenton Systems offers its customers FIPS compliance and innovative cybersecurity technologies at every turn. We use FIPS 140-2 drive technology, TPM 2.0, customized BIOSes, and are looking to incorporate more cybersecurity technologies soon. We hear and understand our customers’ growing concerns and requirements for cybersecurity. Don't worry. We're on it.

If you have any questions about how our systems can help protect your critical data, don't hesitate to reach out to us. You can also contact me, personally, at kcarter@trentonsystems.com.