Your data can either be **at rest** or it can be **in transit**. When your data is in transit, it is actively moving from server to computer network, between computer networks, or so on. Alternatively, when your data is at rest it is not actively moving. **Encryption at rest and in transit means that your data is fully encrypted in any situation.**

For more information, see Encryption and data security.

## At rest

With Advanced Encryption Standard (AES) encryption, both the sender and the receiver of data must have the same encryption key in order to read the data. 256-bit AES encryption is a technique that uses a key length of 256 bits for this process. Because key combinations increase exponentially with key size, the AES-256 key has the mathematical equivalent of 2^{256} possible combinations.

Using 256-bit AES encryption ensures your data is secure at rest.

## In transit

Transport Layer Security (TLS) is a protocol that provides end-to-end security for data sent over the internet. TLS ensures your data is encrypted and authenticated, and that the data is not tampered with while in transit between applications.

ShareGate connections are always encrypted with HTTPS and TLS version 1.2.