Back

Encrypt digital media containing sensitive information during transport outside controlled areas.


CONTROL ID
14258
CONTROL TYPE
Technical Security
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Control the transiting and internal distribution or external distribution of assets., CC ID: 00963

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • encrypt sensitive information such as client login credentials (ie, user ID and password) and trade data during transmission between internal networks and client devices; and (1.4. ¶ 1 (a), Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading)
  • Protect and control digital and non-digital media to help prevent compromise of the data during transport outside of the physically secure locations or controlled areas using encryption, as defined in Section 5.10.1.2 of this Policy. Physical media will be protected at the same level as the informat… (§ 5.8 MP-5a., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • Protects and controls [FedRAMP Assignment: all media with sensitive information] during transport outside of controlled areas using [FedRAMP Assignment: prior to leaving secure/controlled environment: for digital media, encryption using a FIPS 140-2 validated encryption module; for non-digital media… (MP-5a. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Protects and controls [FedRAMP Assignment: all media with sensitive information] during transport outside of controlled areas using [FedRAMP Assignment: prior to leaving secure/controlled environment: for digital media, encryption using a FIPS 140-2 validated encryption module; for non-digital media… (MP-5a. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Encryption is a popular security tool used on client devices. With increased use of digital signatures for non-repudiation and the use of encryption for confidentiality and/or integrity, organizations should consider including encryption in their backup strategy. Encryption should also be considered… (§ 5.2.2 ¶ 2, NIST SP 800-34, Contingency Planning Guide for Federal Information Systems, Rev. 1 (Final))
  • Protects and controls [TX-RAMP Assignment: all media with sensitive information] during transport outside of controlled areas using [TX-RAMP Assignment: prior to leaving secure/controlled environment: for digital media, encryption using a FIPS 140-2 validated encryption module; for non-digital media… (MP-5a., TX-RAMP Security Controls Baseline Level 2)