Question HLDA-02
Is sensitive data encrypted, using secure protocols/algorithms, in transport? (e.g., system-to-client)
| Weight | 20 |
| High Risk | No |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
Describe why sensitive data is not encrypted in transport.
Answering "YES"
Summarize your transport encryption strategy.
Reason for Question
The need for encryption in transport is unique to your institution's implementation of a system, in particular the data flow between the system and the end users of the software/product/service.
Follow-Up Inquiries
Follow-up inquiries for data encryption between the system and end users will be institution/implementation specific. You may want to inquire if the authentication transaction is encrypted.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]