@jairo_guevara Great questions, All data in transit between Platform and any external component is conducted over secure, encrypted connections using HTTPS TLS v1.2.
#1 https://experienceleague.adobe.com/en/docs/experience-platform/landing/governance-privacy-security/encryption
How ever there are some nuances we need to be aware about data under transmission(REST API's) vs data at rest
Cloud Storage Batch Ingestion: Additional encryption support for data at rest on storages and supported encryptions
#2 https://experienceleague.adobe.com/en/docs/experience-platform/sources/api-tutorials/encrypt-data
WebSDK: Data transmitted through websdk(via edge network) is also secure via https which uses TLS security to encrypt communication, however there are few other nuances about first party data collection, customer generated certs for SSL security can also be accounted for organization InfoSec requirements.
#3 https://experienceleague.adobe.com/en/docs/core-services/interface/data-collection/adobe-managed-cert
MobileSDK: Data transmitted through mobilesdk(via edge network extension) is also secure via https which uses TLS security to encrypt communication, however first party data collection, customer generated certs for SSL security can also be accounted and above #3 link can be leveraged here.
Data at rest (AEP DataLake): Data at rest in AEP datalake is also encrypted by default by Azure, check #1 link, however if your organization have a need to use your encryption keys for data at rest due to Infosec or HIPAA you might need get Adobe’s Healthcare Shield and Privacy and Security Shield SKU added.
#4 https://experienceleague.adobe.com/en/docs/experience-platform/landing/governance-privacy-security/customer-managed-keys/overview
Let me know if you more details on this and happy to help.
~cheers,
NN.