SOC 2

SOC 2 CC6.7: Data Transmission Encryption Explained

Protect data in transit using encryption and secure transmission protocols to prevent unauthorized interception.

OFFICIAL REFERENCE (PARAPHRASED)

The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission. (AICPA TSC CC6.7)

Last reviewed: June 2026. Not legal or audit advice.

WHAT EVIDENCE SATISFIES THIS

✓ TLS configuration documentation (minimum TLS 1.2)
✓ Certificate inventory and renewal records
✓ Network diagram showing encrypted data flows
✓ API security standards requiring HTTPS

Cross-framework overlap

This control requirement also appears in:

ISO 27001 A.8.24 →
PCI-DSS 4.2 →
GDPR Article 32 →

See this control in your personalized checklist

Start free →

See your readiness in 5 minutes

Answer a few questions and get a personalized, actionable checklist, free, no card.

Get your free checklist →