How does Zscaler ensure that no sensitive data is stored during EDM?

The correct choice emphasizes Zscaler's approach to ensuring data security during Entitlement and Data Management (EDM). Zscaler ensures that sensitive data is not stored by relying on the use of hashes and tokens, rather than retaining the actual data itself. Hashing transforms sensitive data into a fixed-size string of characters, which cannot be reversed to reveal the original data. Tokens serve a similar purpose; they act as placeholders for sensitive data and can be sent in place of the actual information. This method allows for validation and processing without exposing any sensitive information, significantly minimizing the risk of data breaches.

The other choices do not accurately represent how Zscaler handles sensitive data in the context of EDM. For instance, while encryption does protect data, it doesn't prevent sensitive data from being stored; it merely secures it in transit and at rest. Retaining data for limited time periods addresses data retention policies but doesn't eliminate the storage of sensitive information. Anonymization transforms data to prevent identification, but if done poorly, it can still permit reconstruction of original data, which doesn’t align with Zscaler's stringent focus on not storing sensitive information at all.