Question PPPR-03

Can you accommodate encryption requirements using open standards?

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

EDUCAUSE provides no guidance here

Answering "YES"

EDUCAUSE provides no guidance here

Reason for Question

Beware the use of proprietary encryption implementations. Open standard encryption, preferably mature, is often preferred. Although there may be cases in which that is not the case, be sure to understand the vendor's infrastructure and the true security of a vendor's solution.

Follow-Up Inquiries

If the vendor cannot accommodate open standards encryption requirements, direct them to NIST's Cryptographic Standards and Guidelines document at https://csrc.nist.gov/Projects/Cryptographic-Standards-and-Guidelines (opens in a new tab)

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]