YALE-MSS-7.3: Encrypt data in transit

Standards Group:
YALE-MSS-7: Data Protection

Low Risk Endpoint Not Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Not Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Not Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Not Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Details and definitions

Unencrypted data can be intercepted and/or manipulated by unauthorized individuals.

Guidance

Common means of encrypting communications include, but are not limited to:

Using HTTPS (i.e., Transport Layer Security) for web traffic
Using client-side VPNs
Encrypting data before transmission over a network

Use industry-standard encryption. Deprecated methods must not be used. Please see guidance from Mozilla for web and SSH servers (https://ssl-config.mozilla.org/, https://infosec.mozilla.org/guidelines/openssh).

YALE-MSS-7.3: Encrypt data in transit

Standards Group:YALE-MSS-7: Data Protection

Details

Standards Group:
YALE-MSS-7: Data Protection