SC-8 Transmission Confidentiality and Integrity
Description
Confidential and University-Internal information that is transmitted over a public network (e.g.: the Internet) must be protected.
Applicability
- This Control applies to all Texas A&M information resources. The intended audience is all users of university information resources.
Implementation
-
1 - No university university data classified as University-Internal or higher shall be made available via university websites without ensuring that the material is accessible to only authorized individuals or groups.
-
2 - All data classified as University-Internal that is transmitted over a public network should be encrypted where feasible.
-
3 - All university data classified as Confidential or higher that is transmitted over a public network must be encrypted with, at a minimum, a 128-bit encryption algorithm.
-
4 - University data classified as Confidential or higher that is transmitted in an email message must be encrypted.