Microsoft 365 Certification control spotlight: Data in transit

Table of Contents
Encryption
- Data in transit must be encrypted using TLS 1.2 or other approved cryptographic protocols to prevent interception or unauthorized disclosure.
TLS Configuration
- An approved TLS 1.2 configuration must be used to protect data in transit, reducing the risk of unauthorized access or data breaches.
Certification verifies TLS encryption protocols
- ISVs need to demonstrate that their app's TLS configuration meets or exceeds the TLS profile configuration requirements, ensuring robust TLS setup and adherence to approved standards.
Summary
To comply with the data in transit controls, ISVs must provide evidence that they meet the TLS configuration requirements, so that data is encrypted and secured during transmission. This can be validated using tools like Qualys SSL Server Test, HTTP Header Spy, and Securityheaders.com, and with Azure Front Door configuration screenshots. Implementing these measures ensures that data in transit is protected against potential threats and unauthorized access, meeting the necessary security standards for certification.