All data in transit is transferred over encrypted connections, using the encrypted versions of protocols or encapsulation of plaintext protocols over encrypted connections.
Specification
For TLS based protocols including but not limited to https use the latest version of the NCSC publication ‘ICT-beveiligingsrichtlijnen voor Transport Layer Security (TLS)’
For other encrypted protocols: the same choices in enabling and disabling key exchange, hashing and bulk encryption algorithms to get the same level of confidentiality, integrity and non-repudiation.
ISO 27001 & 27002:2022
A5.12, A5.14, A5.15, A8.20, A8.21, A8.22, A8.24, A8.26
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel)
DM.05 Uitwisseling van (gevoelige) gegevens
SM.10 Cryptographic Key Management