Protecting Data in Transit

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> We've talked about different modes of data
00:00
in transit process and at rest,
00:00
but now we're going to talk about some of
00:00
the methods for protecting data in transit.
00:00
In this lesson we're going to consider
00:00
when you should secure data in transit and also talk
00:00
about some of the methods for
00:00
securely encrypting and protecting data in transit.
00:00
As we said before,
00:00
one of the main ways of protecting data in
00:00
transit is using Transport Layer Secure protocol
00:00
to encrypt information when it's traveling
00:00
over the Internet between two different points.
00:00
Now, how this is done in different methods,
00:00
there are a few of those.
00:00
We're going to talk about link/network encryption.
00:00
Link encryption is really a technique
00:00
>> when communication
00:00
>> is traveling along a network or
00:00
encrypted and decrypted at every stage.
00:00
Each different node along the network,
00:00
they're hitting everything has
00:00
be encrypted and decrypted.
00:00
This is used among the setting that's done in
00:00
various networks to prevent information
00:00
from being exposed or prevent
00:00
human error when people forget
00:00
to configure things properly,
00:00
to protect things from encryption.
00:00
One of the other aspect or is an example of
00:00
a link encryption is a virtual
00:00
>> private network or a VPN.
00:00
>> I think these are becoming more and more commonplace,
00:00
more and more regular.
00:00
People outside the context of security
00:00
>> or technology know
00:00
>> about VPNs from a privacy perspective,
00:00
but don't necessarily always think about
00:00
them from a security perspective that a VPN is
00:00
really the application of a secure or
00:00
an encryption protocol that either creates
00:00
a completely secure channel or
00:00
partially encrypted tunnel between
00:00
>> two endpoints to allow
00:00
>> for data in transit to traverse in a secure manner.
00:00
Client/application encryption is really encryption
00:00
that's applied before packets
00:00
or information are transmitted.
00:00
This is done oftentimes when you're not certain that,
00:00
where you have to share with
00:00
a third party and you want to
00:00
add another layer of security to
00:00
the transmission to ensure that
00:00
you've encrypted all the information before
00:00
it's transmitted even over a secure channel.
00:00
Then there's proxy-based encryption.
00:00
This one data is transmitted
00:00
to a proxy application or a server
00:00
which encrypts it before sending
00:00
it out further to the network or other applications.
00:00
Basically, it's I think done
00:00
and many architectures to ensure that data gets
00:00
encrypted but doesn't compromise the performance of
00:00
the underlying applications by having
00:00
to decrypt the information before it's processed.
00:00
A quiz question. Which of the following creates
00:00
an encrypted tunnel for secure data in transit?
00:00
Virtual private network,
00:00
application encryption, or proxy-based encryption?
00:00
In the context of that terminology of tunnel,
00:00
that's typically associated with
00:00
virtual private networks.
00:00
They're becoming more popular,
00:00
sold to regular old people to
00:00
use VPNs for privacy reasons because the encryption
00:00
enables the confidentiality and prevents even
00:00
some of the provider from seeing what
00:00
traffic is traversing the network
00:00
when it's properly encrypted or sent through a VPN.
00:00
In summary, we've talked about
00:00
>> some of the common methods
00:00
>> for securing data in transit,
00:00
talked about the use cases and reasons
00:00
for why you might use one method over another.
00:00
I'll see you in the next lesson.
Up Next