It really depends on the controls in place. Is the file itself encrypted at rest? Is the SHA256 checksum of the file stored in a tamper proof section of hardware with an audit trail? Is the file cryptographically signed using a secure PK?
While the controls in place almost certainly are not adequite that doesn't mean human readable formats are inherently unable to be secured. Most of the internet traffic has json bodies and it's encrypted via SSL.
Kneejerk techlets don't need to REEE when people rightly point out that security controls can and do exist for sensitive data. We need more information.
I would wager that it's not encrypted. based on the video of that douche pulling the data onto his thumb drive, opening it on his laptop in Excel, filtering it and bouncing? no way.
It really depends on the controls in place. Is the file itself encrypted at rest? Is the SHA256 checksum of the file stored in a tamper proof section of hardware with an audit trail? Is the file cryptographically signed using a secure PK?
you forgot the s/
While the controls in place almost certainly are not adequite that doesn't mean human readable formats are inherently unable to be secured. Most of the internet traffic has json bodies and it's encrypted via SSL.
Kneejerk techlets don't need to REEE when people rightly point out that security controls can and do exist for sensitive data. We need more information.
I would wager that it's not encrypted. based on the video of that douche pulling the data onto his thumb drive, opening it on his laptop in Excel, filtering it and bouncing? no way.