Expressvpn Glossary
Data in motion
What is data in motion?
Data in motion, often called data in transit, is data that’s actively moving from one location to another, between systems, devices, apps, or cloud services. It travels through networks, routers, access points, and other parts of networking infrastructure.
See also: Data at rest, communication protocol, data link layer, data breach, digital trust
Examples of data in motion
Data in motion is present in almost every digital interaction, including:
- An email traveling across multiple servers before reaching its destination.
- Financial data moving between a customer, merchant, and payment network during a transaction.
- Text messages sent over messaging apps.
- Video streamed over the internet.
- Files being uploaded to cloud storage.
Risks and privacy concerns
If protections are missing or weak for data in motion, common risks include:
- Interception: Data traveling across networks can be captured by someone positioned along the route through techniques like packet sniffing on unsecured connections.
- Alteration: Data in transit can be modified before it reaches its destination, without either party being aware.
- Metadata exposure: Even when content is protected, information about the transmission, such as who is communicating and when, may be visible to third parties.
- Regulatory risk: Organizations that fail to adequately protect data in transit may be in breach of regulations such as the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA).
How is data in motion protected?
The primary method is encryption, which makes data more difficult for anyone who intercepts it during transmission to read. The most widely used protocol is Transport Layer Security (TLS), which secures connections between browsers, applications, and servers. For a higher level of protection, end-to-end encryption (E2EE) is also used.
To secure traffic between two network points, organizations may use a virtual private network (VPN). This tool creates an encrypted tunnel for data in motion to pass through between two networks or a network and a device in remote access technologies.
Protection also depends on trusting the connection itself. Secure systems rely on authentication and certificate checks to ensure a device connects to the intended service rather than an impostor.
Further reading
- How to encrypt your internet traffic and protect your privacy
- End-to-end encryption: What it is and why it matters
- HTTPS vs. VPN: What’s the difference, and do you need both?