Most organizations have invested heavily in protecting data at rest and data in transit. Encryption standards are mature, compliance frameworks require them, and security teams understand how to implement them.
However, the greatest exposure often occurs when data is actively being used.
Data in use protection refers to the technologies and security controls that protect sensitive information while it is actively being processed, analyzed, queried, or used by applications and AI systems. Unlike traditional encryption, which protects stored or transmitted data, data in use protection secures information during computation, when it is traditionally exposed in memory.
As organizations adopt AI, collaborate across institutional boundaries, and increasingly rely on cloud infrastructure, protecting data during processing has become one of the most important challenges in cybersecurity.
TL;DR
- Data in use protection secures information while it is actively being processed.
- Traditional encryption protects data at rest and in transit but leaves data exposed during computation.
- AI training, AI inference, and collaborative analytics have made data in use protection a strategic requirement.
- Trusted Execution Environments (TEEs), Fully Homomorphic Encryption (FHE), and Secure Multi-Party Computation (MPC) are the primary technologies used to protect data during processing.
- Data in use protection enables organizations to unlock the value of sensitive data without exposing it.
What Is Data in Use Protection?
Data exists in three distinct states:
| Data State | Description | Typical Protection |
| Data at Rest | Stored in databases, file systems, or cloud storage | Encryption |
| Data in Transit | Moving between systems or users | TLS and encrypted communications |
| Data in Use | Being actively processed by applications, analytics platforms, or AI models | Data in use protection technologies |
Most organizations have effectively addressed the first two states.
The third state remains the largest gap in modern data security.
When applications perform analytics, execute database queries, train machine learning models, or run AI inference workloads, the underlying data must traditionally be decrypted before processing. During this period, sensitive information becomes visible to the processing environment.
This creates an exposure window that conventional encryption cannot address.
Attackers increasingly target this layer through:
- Memory scraping attacks
- Hypervisor compromise
- Insider threats
- Supply chain attacks
- Cloud administrator access
- Runtime environment vulnerabilities
The challenge is structural. Traditional encryption was designed to protect stored or transmitted data. It was never designed to protect data while it is actively being computed upon.
As a result, organizations often find themselves in a position where their most sensitive information is protected everywhere except where it generates value.
Why Data in Use Protection Matters Now
The importance of data in use protection has increased dramatically over the past decade.
Three major shifts are driving this change:
AI Requires Massive Amounts of Sensitive Data
Modern AI systems depend on access to data.
Organizations are training and deploying models using:
- Patient records
- Financial transactions
- Insurance claims
- Customer interactions
- Proprietary business information
- Government intelligence
In many cases, these datasets contain some of the most sensitive information an organization possesses.
Unlike traditional applications that may briefly access records, AI workloads often process enormous volumes of information repeatedly over hours, days, or even weeks.
This significantly expands the exposure window.
Key Takeaway
Most organizations have already solved data-at-rest and data-in-transit security.
The next frontier is data in use protection, securing sensitive information while it is actively being processed by AI models, analytics platforms, and collaborative workflows.
As AI adoption accelerates, protecting data during computation is becoming just as important as protecting where it is stored.
Cloud Infrastructure Changes the Trust Model
Organizations increasingly run analytics and AI workloads on cloud infrastructure.
While cloud providers offer strong security controls, the reality is that infrastructure ownership and data ownership are no longer the same thing.
Sensitive data is often processed on infrastructure operated by:
- Cloud providers
- Managed service providers
- Research institutions
- Industry consortiums
- Third-party partners
This creates a new challenge: how can organizations leverage shared infrastructure without exposing their most valuable data?
Data in use protection technologies are part of a broader category of privacy-enhancing technologies (PETs) designed to enable organizations to compute on sensitive information without exposing it during processing.
AI Inference Creates New Exposure Paths
The growth of generative AI has introduced an entirely new category of risk.
AI systems increasingly interact with:
- Internal knowledge bases
- Customer records
- Financial information
- Healthcare data
- Intellectual property
Every prompt, retrieval operation, and model interaction creates a potential processing event involving sensitive information.
Protecting data during training is important.
Protecting data during training is important. Protecting data during inference is becoming equally critical for organizations building and deploying secure AI applications.
Why Data in Use Protection Unlocks Secure Collaboration
Many of the most valuable AI and analytics initiatives require collaboration across organizational boundaries.
The challenge is that the most valuable data is often the hardest to share.
Legal obligations, regulatory requirements, competitive concerns, and sovereignty restrictions all limit how organizations can exchange information.
Historically, this forced organizations to choose between privacy and collaboration.
Data in use protection changes that equation.
Healthcare
A clinical AI model trained on data from a single hospital can provide valuable insights.
A model trained across multiple hospital networks can be dramatically more accurate.
The problem is that patient data cannot simply be centralized into a shared environment.
Healthcare organizations must comply with regulations such as HIPAA and GDPR while maintaining patient trust.
Data in use protection technologies can be combined with federated learning approaches to enable collaborative model development without exposing patient records.
Financial Services
Fraud patterns rarely exist within a single institution.
A fraud detection system trained across multiple banks can identify relationships that would otherwise remain invisible.
However, sharing transaction data directly creates confidentiality concerns and introduces concentration risk.
By enabling computation without exposing underlying data, organizations can support secure financial analytics across institutions while maintaining control of sensitive information.
Government and Defense
Government agencies face some of the strictest data sovereignty requirements in the world, limiting how sensitive information can move across organizations, jurisdictions, and security domains.
Classified information, intelligence sources, and sovereign datasets often cannot leave their originating environments.
At the same time, mission success increasingly depends on cross-domain and cross-agency collaboration.
Data in use protection enables cross-domain collaboration and collective analysis without requiring raw data sharing or centralization.
Enterprise AI Assistants
Organizations are rapidly deploying AI assistants that interact with sensitive internal information, including contracts, customer records, financial forecasts, product roadmaps, and employee data.
The challenge is not simply securing where this information is stored. The challenge is protecting it while the AI system retrieves, analyzes, summarizes, and reasons over it.
In traditional architectures, sensitive information is exposed during processing. Data in use protection technologies allow organizations to deploy enterprise AI assistants while maintaining stronger control over how information is accessed and processed.
As organizations deploy enterprise assistants and agentic AI systems, protecting information during retrieval, reasoning, and inference is becoming a foundational requirement of secure AI.
Cross-Border Data Collaboration
Organizations increasingly operate across jurisdictions with different privacy, sovereignty, and regulatory requirements.
A multinational bank may want to analyze financial activity across regions. A healthcare consortium may want to collaborate across countries. Government agencies may need to share insights without moving sensitive data across borders.
Traditional approaches often require centralizing information in a single environment, creating legal and operational challenges.
Data in use protection enables a different model. Data can remain under local control while computation occurs across jurisdictions. Insights move where needed, while the underlying data remains protected.
This approach helps organizations support collaboration while maintaining compliance with data residency and sovereignty requirements.
Agentic AI Workflows
Agentic AI systems introduce a new challenge because they do more than generate responses. They access systems, retrieve information, execute workflows, and make decisions on behalf of users.
An agent may interact with CRM systems, financial platforms, document repositories, healthcare records, or operational databases.
This creates a new question for security teams:
How can organizations safely give autonomous systems access to sensitive information?
Data in use protection provides part of the answer by protecting information while agents retrieve, process, and reason over data.
As agentic AI adoption accelerates, organizations will increasingly require security architectures that protect information throughout the entire workflow, not just where it is stored.
Data in Use Protection Technologies
Several technologies address the challenge of protecting data during computation.
Each provides different trade-offs between performance, security, scalability, and operational complexity.
Technology Comparison
| Technology | Protection Model | Performance | Best Use Cases |
| Trusted Execution Environments (TEEs) | Hardware isolation | Near-native | Cloud AI workloads |
| Fully Homomorphic Encryption (FHE) | Computation on encrypted data | Workload dependent | Secure analytics and AI |
| Secure Multi-Party Computation (MPC) | Distributed trust | Higher latency | Multi-party collaboration |
| Federated Learning | Localized data processing | High | Distributed model training |
No Single Technology Solves Every Data in Use Challenge
Trusted Execution Environments (TEEs), Fully Homomorphic Encryption (FHE), Secure Multi-Party Computation (MPC), and Federated Learning address different aspects of the data-in-use problem.
In practice, organizations often combine multiple approaches to balance performance, security, compliance, and collaboration requirements.
The most successful deployments focus on architecture rather than individual technologies.
Trusted Execution Environments (TEEs)
Trusted Execution Environments create hardware-isolated enclaves where code and data remain protected from the surrounding infrastructure.
Examples include Intel TDX, AMD SEV, and ARM TrustZone.
TEEs are particularly valuable within confidential computing architectures, where organizations want to use cloud infrastructure while reducing trust in infrastructure operators.
Benefits include:
- Near-native performance
- Strong cloud compatibility
- Protection against many infrastructure-level attacks
However, TEEs still require trust in hardware implementations and do not eliminate all attack vectors.
Fully Homomorphic Encryption (FHE)
Fully Homomorphic Encryption enables computation directly on encrypted data.
For a deeper dive into the technology, see our guide to Fully Homomorphic Encryption (FHE) and how it enables computation directly on encrypted information.
The computing environment never sees plaintext information.
Instead:
- Data is encrypted before processing.
- Computation occurs on encrypted values.
- Results remain encrypted.
- Only authorized parties can decrypt outputs.
FHE provides one of the strongest forms of data in use protection because it removes the need to trust the processing environment.
Historically, performance limitations restricted adoption.
Today, advances in cryptography, hardware acceleration, and software tooling are making FHE practical for an increasing range of AI and analytics workloads.
Secure Multi-Party Computation (MPC)
Secure Multi-Party Computation enables multiple organizations to jointly compute a result without revealing their underlying data to one another.
Rather than centralizing information, computation itself is distributed across participants.
This makes MPC particularly attractive when no single organization can serve as a trusted intermediary.
Common use cases include:
- Cross-bank fraud detection
- Multi-party risk modeling
- Government collaboration
- Consortium analytics
Federated Learning
Federated learning addresses a related but distinct problem.
Rather than moving data to a central environment, federated learning keeps data local and exchanges model updates.
This reduces data movement but does not fully solve data in use protection because local training still occurs on plaintext information.
For this reason, many production architectures combine federated learning with FHE, MPC, or differential privacy.
How to Choose the Right Approach
Selecting the right data in use protection strategy depends on four questions.
Who Controls the Compute Environment?
If the organization controls the infrastructure, TEEs may provide sufficient protection.
If computation occurs on third-party infrastructure, stronger protections such as FHE or MPC may be required.
Does Data Cross Organizational Boundaries?
Single-organization deployments and multi-organization collaborations often require different architectures.
Cross-organizational initiatives frequently benefit from MPC or FHE.
What Are the Performance Requirements?
TEEs generally provide the lowest performance overhead.
FHE and MPC introduce additional computational requirements that vary based on workload characteristics.
What Are the Compliance Requirements?
Healthcare, financial services, government, and critical infrastructure organizations often face regulatory obligations that influence technology selection.
The correct solution depends on both technical requirements and governance requirements.
Governance Matters as Much as Cryptography
Technology alone does not solve the data in use challenge.
Organizations must also implement governance controls that define:
Who Can Initiate Computation
Access controls should govern who can run computations and under what circumstances.
What Computations Are Allowed
Not every user should be able to perform every analysis.
Purpose-based controls help ensure that sensitive information is used appropriately.
How Activity Is Audited
Organizations need cryptographically verifiable audit trails that demonstrate:
- Who initiated a computation
- When it occurred
- What data was involved
- What outputs were generated
This is particularly important for regulated industries.
Strong governance transforms data in use protection from a technical capability into an operational capability.
How Duality Enables Data in Use Protection
Most organizations do not need a single data in use protection technology. They need an architecture that combines multiple approaches.
Production deployments frequently use federated learning to keep data local, Fully Homomorphic Encryption to protect sensitive computation, Secure Multi-Party Computation to enable collaboration, and governance controls to enforce policy and compliance.
Duality brings these capabilities together in a unified platform designed for secure AI and collaborative analytics.
Rather than forcing organizations to choose between privacy, sovereignty, and innovation, Duality enables organizations to collaborate on sensitive data while maintaining control over how that data is used throughout the computation lifecycle.
This allows organizations to unlock value from distributed data assets while supporting regulatory requirements, reducing risk, and accelerating AI adoption.
