Setting up encryption policies

Encryption policies help protect sensitive data by enforcing encryption requirements across your organization. Here's how to configure them effectively:

Scope Selection

While "customer Confidential" is the minimum required scope for certification compliance, we recommend using "Company Confidential" as your scope setting for enhanced protection. The "Company Confidential" scope provides broader coverage and includes additional security measures.

Adding Exception Clauses

It's recommended to include an exception clause in your encryption policy. Exception clauses allow you to:

• Define specific scenarios where different encryption rules may apply

• Create flexibility for special cases while maintaining overall security

• Document approved deviations from the standard policy