← Glossary·Security

Encryption in Transit

SOC 2ISO 27001HIPAAPCI DSS

TLS protection of data moving across networks — TLS 1.2+ is the floor; TLS 1.3 preferred.

Encryption in Transit protects data flowing across networks using TLS (Transport Layer Security). TLS 1.2 is the practical floor; TLS 1.3 is preferred. mTLS adds mutual authentication for service-to-service traffic.

Why it matters
Plaintext internal service-to-service traffic is the most common ‘encryption in transit’ gap — typically caught only when auditors trace a single request end-to-end.

Related terms

Encryption at Rest
Cryptographic protection of stored data — typically AES-256 with KMS-managed keys.

Does your program actually cover Encryption in Transit?

Run a free ComplianceIQ audit against SOC 2 and we'll surface every gap on this — and the other controls auditors flag — with the exact clause references to fix.

Free SOC 2 auditBack to glossary