Key insight
Data lives in two situations that need separate protection: at rest (sitting still, e.g. a stolen laptop) and in transit (moving across a network, e.g. someone listening in). Covering only one leaves the other wide open. A quiet third — data in use, loaded in memory — is the hardest to protect, and it is exactly where AI agents spend their time.
A locked safe protects what is inside it while it sits in the room. An armoured truck protects what is inside it while it moves down the road. You would not use one to do the other’s job. Digital data has exactly these two situations too — at rest and in transit — and each needs its own kind of encryption. This article explains both, plus a quiet third situation that matters especially for AI agents.
1 · Encryption itself, in plain terms
Encryption is the process of scrambling data so that it is unreadable to anyone who does not hold the right key to unscramble it. That is the whole idea: with the key, the data reads normally; without it, the same data is just meaningless scrambled nonsense. Everything below is about when and where that scrambling is applied.
2 · Data at rest: sitting still
Data at rest is data sitting still — stored somewhere and not currently moving: on a hard drive, in a database, in a backup file, on a laptop in a bag. Encryption at rest protects against someone who physically or digitally gets hold of that stored copy. If a laptop is stolen or a backup file is copied, the thief holds the drive but not the key, so all they can read is scrambled nonsense.
3 · Data in transit: on the move
Data in transit is data moving from one place to another across a network — a web page loading, a file uploading, one system talking to another. Encryption in transit protects against someone quietly listening on the network in between and intercepting the traffic as it passes. Without the key, all they capture is scrambled nonsense too. This is exactly what the padlock in a browser’s address bar represents: the connection carrying your data is encrypted in transit.
4 · The common mistake: covering only one
These two protections are completely separate, and covering only one leaves the other wide open. A beautifully encrypted database is no help at all if the data travels to and from it unprotected, because anyone listening on the network reads it in the clear on the way. A perfectly secured connection is no help if the data then sits unencrypted at the destination, because anyone who steals that stored copy reads it directly. You genuinely need both, and one of the most common real-world gaps is a system that quietly has only one.
“It's encrypted” is not a complete answer. The right question is always “encrypted where — at rest, in transit, or both?” A yes to only one is a no to the other.
5 · The quiet third: data in use
There is a third situation worth knowing: data in use. This is data actively loaded into a program’s memory and being worked on right now. It is generally the hardest of the three to protect, for a simple reason: a program has to be able to read data in order to do anything useful with it, so at the exact moment of use, the data must be unscrambled somewhere. Specialized techniques exist to narrow this gap, but as a rule, data in use is the least-protected of the three states.
6 · Why the third situation matters most for AI agents
An AI agent, software that decides on its own which tools to call and constantly pulls data into memory to reason over it, spends much of its life in exactly that third situation. Encryption at rest and in transit protect the data everywhere except the moment the agent is actively using it — and an agent uses data almost continuously. That gap is precisely why limiting what an agent handles, and for how long, matters just as much as encrypting the storage and the network around it. The less sensitive data an agent loads into memory, and the shorter it holds it, the smaller the one window that encryption cannot cover.
7 · A simple test you can run this week
1. Pick one system that holds sensitive data.
2. Ask, separately: is the stored copy encrypted at rest? Is every connection to it encrypted in transit?
3. If either answer is “no” or “not sure,” you have found a gap.
4. For any AI agent involved, ask how much sensitive data it holds in memory, and for how long.
8 · Glossary — every short-form term, spelled out
- Encryption
- Scrambling data so it is unreadable to anyone without the right key to unscramble it.
- Key
- The secret that unscrambles encrypted data; without it, the data is meaningless nonsense.
- Data at rest
- Data sitting still in storage — a drive, a database, a backup, a laptop — not currently moving.
- Data in transit
- Data moving across a network from one place to another.
- Data in use
- Data actively loaded into a program's memory and being worked on right now — the hardest of the three to protect.
- AI agent
- Software that decides, on its own, which tools to call and which actions to take, and which constantly loads data into memory to reason over it.
Encryption scrambles data so only a key-holder can read it; the question is always where it is applied.
At rest protects stored copies (stolen laptop, copied backup); in transit protects data moving across a network (a listener in between).
Covering only one leaves the other wide open — you need both.
Data in use, loaded in memory, is the hardest to protect and exactly where AI agents live, so limit what an agent holds and for how long.
References
- NIST Special Publication 800-175B, Revision 1, Guideline for Using Cryptographic Standards: Cryptographic Mechanisms, National Institute of Standards and Technology. csrc.nist.gov