⭐ Repository → 💼 SOC 2 → 💼 CC6 Logical and Physical Access Controls → 💼 CC6.7 The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity's objectives.
💼 CC6.7-2 Uses Encryption Technologies or Secure Communication Channels to Protect Data
- ID:
/frameworks/soc-2/cc6/07/02
Description
Encryption technologies or secured communication channels are used to protect transmission of data and other communications beyond connectivity access points.
Similar
- Internal
- ID:
dec-c-dd5610d0
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (8)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudFront Web Distribution Cache Behaviors allow unencrypted traffic🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS CloudFront Web Distribution does not encrypt traffic to Custom Origins🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS CloudFront Web Distribution uses outdated SSL protocols with Custom Origins🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Storage Account Secure Transfer Required is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Google GCE Instance Block Project-Wide SSH Keys is not enabled🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-14f5fc25 | 1 | |
| ✉️ dec-x-791dab13 | 1 | |
| ✉️ dec-x-3181f359 | 1 | |
| ✉️ dec-x-4002ecfe | 1 | |
| ✉️ dec-x-995424b7 | 2 | |
| ✉️ dec-x-d95ea48b | 1 |