10. Electronic and physical records containing Harvard confidential information must be appropriately protected when transported or transmitted.

Configuring Applications

D4: Client applications on the device which might be used to access or transfer confidential information must be configured to protect their communications.

Server communication

SA3: Communications between servers or applications and client machines must be protected.