The Data Triad

Sensitive data must be protected throughout its lifecycle — whether at rest on the file system, as it moves the network, and while it’s being used or processed.
Triad Infographic

The Three States of Data

Data at 
Rest
Data in 
Transit
Data in 
Use
Data is often an organization’s largest and most valuable asset, making it a prime target for all types of adversaries. If there is data of value at stake, it must be protected at all times. Ensuring the protection of sensitive assets requires a holistic, data-centric approach — an approach we highlight through The Data Triad. While Data at Rest and Data in Transit are commonly protected using standard data and transport encryption, the Data in Use segment of The Triad is frequently overlooked by organizations of all types.
Leveraging the power of Privacy Enhancing Technologies (PETs), Enveil’s ZeroReveal® solutions are specifically designed to ensure Data in Use protection by ensuring the content of your search, analytic, or machine learning model – and its corresponding results – remain encrypted during processing. This unmatched capability allows sensitive or regulated data to be securely processed and in a privacy-preserving manner without the risk of exposure. Whether performing searches or analytics on data you own, seeking information from a third-party data provider, or driving revenue by securely monetizing your data assets, Enveil ZeroReveal® changes the paradigm of how and where your organization can leverage data to unlock value.
The Data Triad
The Data Triad Quote

Frequently Asked Questions

What is The Data Triad?

Enveil is focused entirely on protecting data while it’s being used or processed, what we call Data in Use. This is different from the more familiar types of encryption that protect data as it moves through the network or while it’s at rest on the file system. We think it’s helpful to think of the distinction between these three states of data — at rest, in transit, and in use — as three points of a triangle that we call The Data Triad. While all are important, Data in Use is the segment that is most frequently overlooked, in part because it’s a hard problem to solve but also because, until fairly recently, there was a lack of scalable, practical, commercial-ready solutions.

When does sensitive data need to be protected?

Sensitive data must be protected at all points in its lifecycle: at rest, in transit, and in use.

Data at Rest: Categorized as inactive data stored in any digital form, data at rest resides on the hard drive or in databases, data lakes, cloud storage or other locations and is commonly protected by perimeter-based, access control and user authentication technologies. Additional security measures such as data encryption are commonly added depending on the level of sensitivity.

Data in Transit: Data is vulnerable as it moves through a private network, public/untrusted space or a local device, and it is, therefore, standard practice to protect it using transport encryption. If businesses adhere to proper protocols, this is an efficient and effective defense strategy for data in transit.

Data in Use: Representing data while it’s being used or processed, Data in Use has become the point of least resistance for increasingly sophisticated attackers, as it is the most commonly overlooked segment of the Data Security Triad. Technical methods for securing Data in Use come from the category of Privacy Enhancing Technologies, including homomorphic encryption, secure multiparty compute, and trusted execution environments.

Why do I need to keep my data encrypted throughout its processing lifecycle?

Encryption renders data useless to an attacker, making it unreadable and therefore removing its value. Thus, encryption is able to undermine the attackers’ purpose – stealing assets of value – and makes the target infinitely less appealing. Experience tells us that if there is data of value at stake, attackers will find a way to find and reach it – we can’t just lock the front door; every point of entry needs to be protected. Consequently, limiting encryption to only a portion of the The Data Triad is a dangerous oversight. It is critical to protect data at rest, in transit, and in use.

Does your solution protect all my data?

No, we exclusively focus on protecting data while it's being used or processed, what we call Data in Use. This is different from other common forms of encryption, such as protecting Data at Rest on the file system, or Data in Transit as it moves through the network. You can think of Data in Use as the interaction with the data – we encrypt the search, analytic, or machine learning model itself, as well as the corresponding results throughout the processing lifecycle. Using our ZeroReveal® solutions, organizations can securely derive insights, cross-match, and search third-party data assets without ever revealing the contents of the search itself or compromising the security or ownership of the underlying data. Enveil works alongside existing systems with ease to enhance security and ensure sensitive assets such as Intellectual Property, PII, and other compliance critical data are protected throughout the processing lifecycle.

Related Articles

August 31, 2021

Cyber Defense Magazine: A PETs-Enabled Path to Secure & Private Data Monetization

In this article for Cyber Defense Magazine, Enveil CEO Ellison Anne Williams writes about how Privacy Enhancing Technologies can help businesses securely and privately monetize data assets.
Read story
June 11, 2019

Forbes: Compliance Is The New Normal – It's Time To Lock Down The Data

In this article for Forbes, Enveil CEO Ellison Anne Williams writes that with the GDPR’s first year behind us, it’s time to shift our collective focus to ensuring the personal data businesses use and possess is truly locked down.

Read story
March 15, 2019

SecurityWeek: Uncovering the Data Security Triad

In this column for SecurityWeek, Enveil CEO Ellison Anne Williams introduces the Data Security Triad and outlines why data must be protected as it exists at all points in the processing lifecycle.

Read story
August 1, 2018

CyberWire Podcast: Data-Centric Security

On this episode of The CyberWire podcast, Enveil CEO Ellison Anne Williams discusses the data security triad and why it's critical to protect Data in Use.

Read story
See All Articles
To learn more about the expanded value unlocked by Enveil, please schedule a meeting.
Enveil is a pioneering Privacy Enhancing Technology company protecting Data in Use. Enveil’s business-enabling and privacy-preserving capabilities change the paradigm of how and where organizations can leverage data to unlock value. Defining the transformative category of Privacy Enhancing Technologies (PETs), Enveil’s award-winning ZeroReveal® solutions for secure data usage, sharing, collaboration, and monetization protect data while it's being used or processed. Customers can extract insights, cross-match, search, and analyze data assets at scale without ever revealing the content of the search itself, compromising the security or ownership of the underlying data, or exposing their interests and intent.
Copyright © 2023 Enveil