Documentation
HECVAT Lite v3.0.6
Data
HLDA-03

Question HLDA-03

Is sensitive data encrypted, using secure protocols/algorithms, in storage? (e.g., disk encryption, at-rest, files, and within a running database)

Weight20
High RiskNo
RequiredYes
Compliant AnswerYes

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

Describe why sensitive data is not encrypted in storage.

Answering "YES"

Summarize your data encryption strategy and state what encryption options are available.

Reason for Question

The need for encryption at rest is unique to your institution's implementation of a system. In particular, system components, architectures, and data flows all factor into the need for this control.

Follow-Up Inquiries

Follow-up inquiries for data encryption at-rest will be institution/implementation specific.

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]