Sensitive information in a data at rest state such as trade secrets, customer information, product pricing, human resource files, legal documents, and financial data resides in many parts of your computer network. File shares on servers are the most common places where data at rest is stored, like Microsoft Word, Excel, and PowerPoint documents. Sensitive data at rest can exist in any of these and other formats. You may have custom web or legacy client/server applications that store confidential data in a variety of file formats and should be also be protected.

The proliferation of low cost disk space has enabled people to purchase low cost storage devices like external USB drives, network attached storage (NAS), direct attached storage connected to servers, and even USB memory sticks. All these devices could contain sensitive data at rest. Unprotected, these documents can be easily copied to unsecure media. This could happen by people authorized or not authorized to take possession of these files. In either case, portable devices containing sensitive data could easily be lost or misused.

Encryption technology should meet or exceed NIST Special Publication 800-111, "Guide to Storage Encryption Technologies for End User Devices"

ExperiorData Solution: Encrypt data at rest using network share encryption technologies. Deploy endpoint solutions that enforce encryption policies for removable media.