PR.DS-10 - Safeguarding Data-in-Use
PR.DS-10 protects data-in-use—actively processed in memory or applications—by removing it when no longer needed and isolating it from other users or processes on the same platform. This prevents unauthorized access or leakage during active operations, a critical concern for sensitive computations. It ensures data remains secure while being manipulated.
This subcategory enhances runtime security by implementing controls that safeguard data integrity and confidentiality in real-time environments. It aligns with risk strategies to protect high-value data during processing, reducing exposure. PR.DS-10 completes the triad of data protection across its states.
