
Establish, implement, and maintain electronic storage media security controls.


CONTROL ID: 13204
CONTROL TYPE: Technical Security
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain records management procedures., CC ID: 11619

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Carriers of magnetic tapes and magnetic disks need to be fitted with braking or fixing devices. (F51.1. ¶ 1, FISC Security Guidelines on Computer Systems for Financial Institutions, Ninth Edition, Revised March 2020)
  • protection of information during processing, transmission, and storage (e.g. through the use of cryptography), (§ 8.1 Subsection 5 ¶ 2 Bullet 8, BSI Standard 200-1, Information Security Management Systems (ISMS), Version 1.0)
  • The PRA expects firms to implement robust controls for data-in-transit, data-in-memory, and data-at-rest. Depending on the materiality and risk of the arrangement, these controls may include a range of preventative and detective measures, including but not necessarily limited to: (§ 7.11, SS2/21 Outsourcing and third party risk management, March 2021)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Payment Card Industry Data Security Standard Requirements and Testing Procedures, Defined Approach Requirements, Version 4.0)
  • Examine documentation to verify that procedures are defined for securing media sent outside the facility in accordance with all elements specified in this requirement. (9.4.3.a, Payment Card Industry Data Security Standard Requirements and Testing Procedures, Defined Approach Testing Procedures, Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire A and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire A-EP and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire B and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire B-IP and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire C and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire C-VT and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire D for Merchants and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Media with cardholder data sent outside the facility is secured as follows: (9.4.3, Self-Assessment Questionnaire D for Service Providers and Attestation of Compliance for use with PCI DSS Version 4.0)
  • Periodically backup data stored in the cloud. Ensure the confidentiality, integrity and availability of the backup, and verify data restoration from backup for resiliency. (BCR-08, Cloud Controls Matrix, v4.0)
  • Data-at-rest is protected. (PR.DS-1, CRI Profile, v1.2)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
  • Ensure the security and integrity of the records by means of manual and automated controls that assure the authenticity and quality of the electronic facsimile, detect attempts to alter or remove the records, and provide means to recover altered, damaged, or lost records resulting from any cause; (§ 240.17Ad-7(f)(3)(i), 17 CFR Part 240.17Ad-7 - Record retention)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., FedRAMP Security Controls High Baseline, Version 5)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., FedRAMP Security Controls Low Baseline, Version 5)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., FedRAMP Security Controls Moderate Baseline, Version 5)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Data-at-rest is protected (PR.DS-1, Framework for Improving Critical Infrastructure Cybersecurity, v1.1)
  • Data-at-rest is protected (PR.DS-1, Framework for Improving Critical Infrastructure Cybersecurity, v1.1 (Draft))
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Data-at-rest are protected. (PR.DS-P1, NIST Privacy Framework: A Tool For Improving Privacy Through Enterprise Risk Management, Version 1.0)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Protect the confidentiality, integrity, and availability of backup information. (CP-9d., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • The confidentiality, integrity, and availability of data-at-rest are protected (PR.DS-01, The NIST Cybersecurity Framework, v2.0)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., TX-RAMP Security Controls Baseline Level 1)
  • Protects the confidentiality, integrity, and availability of backup information at storage locations. (CP-9d., TX-RAMP Security Controls Baseline Level 2)