Use operating environments with solid process separation.
Operating systems with solid process separation include modern version of Windows, Unix-like operating systems, and most other widely used general purpose operating systems.
Configure discretionary access controls to protect temporary areas.
Configuration controls over temporary areas prevent interference with data values in temporary areas including file storage areas used by processes. Programs often fail to provide proper protection for their files and default values are sometimes overly broad for control over the content in use.
Use cryptographic transforms to allow confidential computation in the open.
These mechanisms use encrypted forms of content that have particular properties that allow the encrypted forms to be useful for specific types of computation. The most common use is for things like password protection, where plaintext of passwords is never stored and in use, passwords are checked by passing them through a one-way cryptographic hash function and comparing results to the stored hash. This is only workable when the number of values is high enough and the algorithm complex enough to prevent exhausting the value space. Its use for things like social security numbers is relatively easy to defeat, and thus while it affords limited protection, it is not sound for substantial threats. It also takes a great deal of performance for all feasible approaches today other than the strict comparison of values, and even these are significantly slowed.
Only use sensitive content in well controlled areas of the environment.
In a zones and physically secured environment, these controls may be adequate to reduce threats and available exploitation paths to a desired level. However, this depends on the properties of a lot of other controls.
Use configuration controlled computers for sensitive computation.
This is an effective means for limiting the things that can happen in the normal environment, however; it is only of limited utility for higher threat levels.
Use real-time checks on data just prior to use.
These include antivirus checks just prior to execution of programs, integrity shells, and other similar pre-use checks. For each program, integrity checks for all incoming data should be applied, and this also falls under this category.
Use redundant computation to assure proper answers and availability of results.
Redundant computation ranges from having multiple DNS servers for assured availability to the use of N-modular redundancy for assuring proper results in computations for life-critical applications and real-time control systems.
Use sanity checks and other similar validation for important results.
Output checks on the results are sensible when the results are important enough to cause significant harm. Checks of audit records against executions are also used to assure accountability in some high risk systems.
Use microzones to control and enable access only
while in use.
Microzoning and its combination of encryption and virtual machines (VMs) provide for separation of use in time (the VM running state and content are only available while in use), in use by VM (i.e., separate VMs have little or no direct interaction - but do have covert channels) and decryption of content (VMs may selectively decrypt content internally for use in a microzoning approach). At this granularity level, these mechanisms can be effective, but they are not normally high surety today.
Do nothing special.
It speaks for itself. In low risk systems, due diligence probably dictates some controls in some situations, but this remains a feasible option.