← All topics
Cyber-insurance readiness

Encryption

Protecting data at rest, in transit, and on devices.

Why it matters

Encryption turns a lost laptop or stolen database into a non-event for notification and liability.

What strong practice looks like

Encryption at rest, in transit, and on devices / portable media.

What this area covers

Is sensitive data encrypted at rest?

Encryption scrambles data so that only someone with the right key can read it. It’s commonly applied in two places:

  • In transit — protected while it’s moving (for example, between your browser and a website).
  • At rest — protected while it’s stored and sitting still — on a hard drive, laptop, server, or database.

“Data at rest” simply means the stored copies. Carriers ask because if a laptop is stolen or a server is breached, encrypted data-at-rest is unreadable to the thief — it turns a serious data loss into a non-event.

CISA — Encrypt Business Data ↗ — what good looks like

Also covered in this area

  • Is data encrypted in transit?
  • Are laptops / portable media encrypted?

This library is general education, not advice about your specific organization. It describes what each control is and what strong practice looks like; whether and how any of it applies to you is your decision, in consultation with your carrier, broker, or counsel.