Security of Mender Artifacts containing sensitive information

I would like to know how secure it is to have a Mender Artifact with a file containing sensitive information in the payload. For my use case, the Artifact would be uploaded to Hosted Mender and deployed to a remote PC. Is it possible to obtain the sensitive information by interception?

Hello @schen,

Thanks for reaching out! The transfer of the Artifact in itself is authenticated and encrypted as HTTPS is being used. However, if the remote PC (physically) or the Mender dashboard (artifact download) can be accessed by people who are not meant to see that sensitive data, we recommend additional measures.