Encryption of Data. 1. The Contractor, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-State owned or managed devices that the State, in accordance with its existing state policies, classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture ("EWTA") or such other method as deemed acceptable by the Agency. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time.
Encryption of Data. Encryption solutions will be deployed with no less than 256-bit Advanced Encryption Standard (AES) encryption.
Encryption of Data. A. Data at Rest. The Contractor shall ensure encryption of Personal Data and Non-Public Data within the Contractor’s possession or control is consistent with validated cryptography standards as referenced in Federal Information Processing Standard (FIPS) 140 Publication Series.
Encryption of Data. 2. The ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services;
Encryption of Data. (a) The Contractor, at its own expense, shall encrypt any and all electronically stored data now or hereafter in its possession or control located on non-state owned or managed devices that the State, in accordance with its existing state policies classifies as confidential or restricted. The method of encryption shall be compliant with the State of Connecticut Enterprise Wide Technical Architecture (“EWTA”) or such other method as deemed acceptable by the Agency. This shall be a continuing obligation for compliance with the EWTA standard as it may change from time to time. The EWTA domain architecture documents can be found at xxxx://xxx.xx.xxx/doit/cwp/view.asp?a=1245&q=253968.
Encryption of Data. Xxxxx.xxx will encrypt the following categories of data using an encryption mechanism providing protection that is equal to or greater than 128-bit AES encryption:
Encryption of Data. Company shall encrypt, at minimum, Restricted AHS Information using Strong Encryption when transmitted over the internet (i.e., “data in transit”) or any other un-trusted network. Company shall also encrypt using Strong Encryption, at minimum, Restricted AHS Information when stored on any system (i.e., “data at rest”), including, but not limited to, servers, workstations, mobile devices, backup tapes, removable media, or any other electronic storage medium. In addition to the foregoing, AHS reserves the right to request at any time implementation of data encryption requirements as it relates to Confidential AHS Information.
Encryption of Data. You accept that your data (not including credit card information), may be transferred unencrypted and involve transmissions over various networks, and changes to conform and adapt to technical requirements of connecting networks or devices. Credit card information is always encrypted during transfer over networks.
Encryption of Data. Data at Rest. The Contractor shall ensure encryption of Personal Data and Non-Public Data within the Contractor’s possession or control is consistent with validated cryptography standards as referenced in Federal Information Processing Standard (FIPS) 140 Publication Series. Data in Transit. The Contractor shall ensure all Personal Data and Non-Public Data is encrypted when transmitted across networks that originate or terminate on equipment owned or controlled by the Contractor to protect against eavesdropping of network traffic by unauthorized users. In cases where source and target endpoint devices are within the same protected subnet, Personal Data and Non-Public Data transmission must still be encrypted due to the potential for high negative impact of a covered Data Breach. The types of transmission may include client-to-server, server-to-server communication, as well as any data transfer between core systems and third-party systems. Where an endpoint device is reachable via web interface, web traffic must be transmitted over Secure Sockets Layer (SSL), using only strong security protocols, such as Transport Layer Security (TLS). Non-web transmission of Personal Data and Non-Public Data should be encrypted via application level encryption. Where the application database resides outside of the application server, the connection between the database and application should also be encrypted using Federal Information Processing Standard (FIPS) compliant cryptographic algorithms referenced in FIPS Publication 197. Where application level encryption is not available for non-web Personal Data and Non-Public Data traffic, network level encryption such as Internet Protocol Security (IPSec) or SSH tunneling shall be implemented. Email is not secure and shall not be used to transmit Personal Data and Non-Public Data.
Encryption of Data. Company shall encrypt, at minimum, Sensitive PII, and Restricted AHS Information using Strong Encryption when transmitting via the Internet or any other un-trusted network. Company shall also encrypt, using Strong Encryption, at minimum, Sensitive PII and/or Restricted AHS Information when it is stored on any system or electronic medium including but not limited to servers, workstations, mobile devices, backup tapes, removable media, or any other electronic storage medium. AHS reserves the right to request Company implement Encryption requirements on any data relating to Confidential Information of AHS.
