What is Data In Transit?
Data actively moving between locations over a network, protected by transport encryption like TLS/SSL.
Without such protection, data in transit is vulnerable to interception, modification, and eavesdropping.
Threats
- Eavesdropping: Passively reading unencrypted traffic
- Man-in-the-middle: Intercepting and potentially modifying traffic
- DNS hijacking: Redirecting traffic to malicious servers
Protection Layers
- TLS/HTTPS: Encrypts web traffic (standard)
- VPN: Encrypts all network traffic between your device and the VPN server
- End-to-end encryption: Protects content even from intermediate servers
- SSH: Encrypts terminal and file transfer sessions
The Unencrypted Gap
DNS queries, the TLS Server Name Indication (SNI) field, and traffic metadata often remain unencrypted even when content is protected. DNS-over-HTTPS and Encrypted Client Hello are closing these gaps.
Related Terms
HTTPS
Hypertext Transfer Protocol Secure is the encrypted version of HTTP, the protocol used to transfer data between your browser and websites. HTTPS uses TLS encryption to protect the confidentiality and integrity of data in transit, preventing eavesdropping and tampering.
TLS
Transport Layer Security is a cryptographic protocol designed to provide secure communication over a computer network. TLS encrypts the connection between your browser and web servers, ensuring privacy and data integrity. It's the technology behind HTTPS.
Virtual Private Network
A technology that creates a secure, encrypted connection over a less secure network, such as the public internet. VPNs mask your IP address, encrypt your internet traffic, and can make it appear as though you're browsing from a different location.