Encryption at Rest and in Transit

Description

Ensures all customer data — conversations, recordings, personal identifiers, and configuration — is encrypted at rest using AES-256 and in transit using TLS 1.2 or higher. Covers all storage backends, API endpoints, and inter-service communication.

Canonical use case

An enterprise security audit confirms that all data stored by ExpertFlow — including recording files and interaction logs — is encrypted at rest with AES-256, satisfying the organisation's data protection policy baseline.