Data-in-Motion software has long dominated industry’s data loss prevention strategy. The theory is that
an organization’s network perimeter should be monitored, both to stop intruders from getting in and
to keep confidential information from flowing out. If successful, this strategy protects sensitive information
residing within an organization’s environment because it keeps the data inside an organization’s four
walls.

However, despite deploying these types of solutions, it has become clear that organizations continue to experience
data breaches. As highlighted in Identity Finder’s whitepaper, the vast majority of data breaches arise
from hackers and lost/stolen media. Hackers have demonstrated an impressive ability to overcome security
systems designed to keep them out. Additionally, Data-in-Motion solutions are often powerless to stop
these hackers, since once hackers find sensitive data they can create encrypted tunnels that cannot
be monitored. Lost media is similarly not protected by Data-in-Motion software because thieves
can use forensic tools to retrieve stored data contained within these devices.

Data-at-Rest software is relatively new and applies an alternative approach of finding the specific
private data where it resides within an organization’s environment. Once found, this information can
be cleaned – either it can be completely removed or appropriate protections can be placed on the specific
confidential data. As a result, when hackers get past an organization’s defenses, their task of finding
sensitive data becomes substantially more difficult because the organization has taken proactive and
preventive action to protect the specific sensitive data these intruders seek. Lost hardware
is also protected because the individual locations where the sensitive data has been found have either
been shredded or encrypted, preventing thieves from accessing the information residing on the machine’s
hard drive.

As discussed in Identity Finder’s whitepaper, more data breaches can be prevented by Data-at-Rest than
Data-in-Motion because the nature of the most frequent data breaches lends itself to the new Data-at-Rest
approach. The Data-at-Rest solution finds the problem at the source and fixes it. In addition, Data-at-Rest
technologies have the ability to change employee behavior because the technologies allow sensitive information
to be quarantined and force data owners to communicate with IT staff to retrieve the information they
need for their business processes. In the process of this communication, IT staff can educate employees
about the risks of storing sensitive data in an unsecured format and ultimately influence their long-term
actions.

Data-at-Rest solutions also have the additional benefit of helping organizations comply with numerous
types of legislation, including HIPAA, PCI Compliance, and Massachusetts’ 201 CMR 17.00. These regulations
all address how organizations need to manage the specific sensitive data this type of software identifies.

Finally, Data-at-Rest software typically has a much lower total cost of ownership than Data-in-Motion
software. Because Data-at-Rest software is easier to implement and manage on an ongoing basis, and the
license costs of the software are typically much lower, organizations find that they are purchasing
a more effective solution at a fraction of what they would normally pay for Data-in-Motion software.



