Key insight

Data lives in two situations that need separate protection: at rest (sitting still, e.g. a stolen laptop) and in transit (moving across a network, e.g. someone listening in). Covering only one leaves the other wide open. A quiet third — data in use, loaded in memory — is the hardest to protect, and it is exactly where AI agents spend their time.

A locked safe protects what is inside it while it sits in the room. An armoured truck protects what is inside it while it moves down the road. You would not use one to do the other’s job. Digital data has exactly these two situations too — at rest and in transit — and each needs its own kind of encryption. This article explains both, plus a quiet third situation that matters especially for AI agents.

1 · Encryption itself, in plain terms

Encryption is the process of scrambling data so that it is unreadable to anyone who does not hold the right key to unscramble it. That is the whole idea: with the key, the data reads normally; without it, the same data is just meaningless scrambled nonsense. Everything below is about when and where that scrambling is applied.

2 · Data at rest: sitting still

Data at rest is data sitting still — stored somewhere and not currently moving: on a hard drive, in a database, in a backup file, on a laptop in a bag. Encryption at rest protects against someone who physically or digitally gets hold of that stored copy. If a laptop is stolen or a backup file is copied, the thief holds the drive but not the key, so all they can read is scrambled nonsense.

3 · Data in transit: on the move

Data in transit is data moving from one place to another across a network — a web page loading, a file uploading, one system talking to another. Encryption in transit protects against someone quietly listening on the network in between and intercepting the traffic as it passes. Without the key, all they capture is scrambled nonsense too. This is exactly what the padlock in a browser’s address bar represents: the connection carrying your data is encrypted in transit.

Encryption at rest protecting stored data and encryption in transit protecting data moving across a network On the left, a locked database box labelled at rest resists a thief with a stolen copy. In the middle, an encrypted connection labelled in transit carries data past a listener who captures only scrambled nonsense. On the right, the destination system receives the data. Stored dataencrypted at rest Destinationsystem encrypted in transit a listener here captures only scrambled nonsense
Figure 1. Two situations, two protections: the lock on the stored copy, and the encrypted pipe between endpoints.

4 · The common mistake: covering only one

These two protections are completely separate, and covering only one leaves the other wide open. A beautifully encrypted database is no help at all if the data travels to and from it unprotected, because anyone listening on the network reads it in the clear on the way. A perfectly secured connection is no help if the data then sits unencrypted at the destination, because anyone who steals that stored copy reads it directly. You genuinely need both, and one of the most common real-world gaps is a system that quietly has only one.

Neither substitutes for the other

“It's encrypted” is not a complete answer. The right question is always “encrypted where — at rest, in transit, or both?” A yes to only one is a no to the other.

5 · The quiet third: data in use

There is a third situation worth knowing: data in use. This is data actively loaded into a program’s memory and being worked on right now. It is generally the hardest of the three to protect, for a simple reason: a program has to be able to read data in order to do anything useful with it, so at the exact moment of use, the data must be unscrambled somewhere. Specialized techniques exist to narrow this gap, but as a rule, data in use is the least-protected of the three states.

6 · Why the third situation matters most for AI agents

An AI agent, software that decides on its own which tools to call and constantly pulls data into memory to reason over it, spends much of its life in exactly that third situation. Encryption at rest and in transit protect the data everywhere except the moment the agent is actively using it — and an agent uses data almost continuously. That gap is precisely why limiting what an agent handles, and for how long, matters just as much as encrypting the storage and the network around it. The less sensitive data an agent loads into memory, and the shorter it holds it, the smaller the one window that encryption cannot cover.

7 · A simple test you can run this week

Try this before an incident forces the question

1. Pick one system that holds sensitive data.
2. Ask, separately: is the stored copy encrypted at rest? Is every connection to it encrypted in transit?
3. If either answer is “no” or “not sure,” you have found a gap.
4. For any AI agent involved, ask how much sensitive data it holds in memory, and for how long.

8 · Glossary — every short-form term, spelled out

Encryption
Scrambling data so it is unreadable to anyone without the right key to unscramble it.
Key
The secret that unscrambles encrypted data; without it, the data is meaningless nonsense.
Data at rest
Data sitting still in storage — a drive, a database, a backup, a laptop — not currently moving.
Data in transit
Data moving across a network from one place to another.
Data in use
Data actively loaded into a program's memory and being worked on right now — the hardest of the three to protect.
AI agent
Software that decides, on its own, which tools to call and which actions to take, and which constantly loads data into memory to reason over it.
Key takeaways

Encryption scrambles data so only a key-holder can read it; the question is always where it is applied.
At rest protects stored copies (stolen laptop, copied backup); in transit protects data moving across a network (a listener in between).
Covering only one leaves the other wide open — you need both.
Data in use, loaded in memory, is the hardest to protect and exactly where AI agents live, so limit what an agent holds and for how long.

References

  1. NIST Special Publication 800-175B, Revision 1, Guideline for Using Cryptographic Standards: Cryptographic Mechanisms, National Institute of Standards and Technology. csrc.nist.gov