Encrypt Data at Rest, in Transit, and in Use

This standard mandates the encryption of data at rest, in transit, and in use to ensure strong data protection across all layers.

1. Encrypt Data at Rest, in Transit, and in Use:

Ensure strong data protection across all layers. This approach ensures that data is protected throughout its lifecycle.

• 1.1 Network Communication Encryption:
  • 1.1.1 TLS 1.2/1.3 Utilisation:
    • Use TLS 1.2/1.3 for all network communications.
    • Automate the configuration of TLS encryption.
  • 1.1.2 Communication Management:
    • Automate the tracking of TLS usage.
    • Implement communication tutorials.
• 1.2 Data at Rest Encryption:
  • 1.2.1 AES-256 and Secrets Management:
    • Enforce AES-256 encryption for stored data and secrets management.
    • Automate the encryption of stored data.
  • 1.2.2 Encryption Management:
    • Automate the tracking of encryption implementations.
    • Implement encryption feedback collection.
• 1.3 Sensitive Computation Encryption:
  • 1.3.1 Homomorphic Encryption and Secure Enclaves:
    • Implement homomorphic encryption or secure enclaves for sensitive computations.
    • Automate the implementation of secure enclaves.
  • 1.3.2 Computation Management:
    • Automate the tracking of secure computation usage.
    • Implement computation tutorials.

By encrypting data at all stages, organisations can ensure strong data protection.