An educational institution has begun using a new payment processor for online tuition transactions. The institution wants to shield user records while connecting to the external system. Which approach addresses this data handling requirement most effectively?
Implement a common encryption approach with the external service but maintain unencrypted local backups for convenience
Disclose limited but personally identifiable user details to streamline transactions
Maintain one key that both parties use for every data exchange
Send the needed user data for payments and require encryption for transmissions
Limiting data flow to what is necessary and ensuring a secure channel helps reduce exposure risks and prevent intruders from intercepting valuable information. Encryption, such as TLS (Transport Layer Security), protects transmissions from unauthorized observation. Providing unneeded information, storing data in unsecured locations, or using a single key for every transaction can expand the surface for attacks and reveal sensitive user details.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is TLS and how does it secure data transmission?
Open an interactive chat with Bash
Why is it important to limit data flow during transactions?
Open an interactive chat with Bash
What are the risks of using one encryption key for all transactions?