This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].
NIST 800-53 (r4) Supplemental Guidance:
Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields. Related controls: MP-5, SC-13, SC-28.
References: OMB Memorandum 06-16; NIST Special Publications 800-114, 800-124, 800-164.
NIST 800-53 (r5) Discussion:
Container-based encryption provides a more fine-grained approach to data and information encryption on mobile devices, including encrypting selected data structures such as files, records, or fields.
38North Guidance:
Meets Minimum Requirement:
Mobile devices within the environment are required to have full-device encryption.
Best Practice:
Ensure that all mobile devices are documented, if applicable, and that full-device encryption is implemented.
Unofficial FedRAMP Guidance: None.
Assessment Evidence:
Spreadsheet of all system components within the environment.
Host inventory scan to compare against a spreadsheet of all components that are in the environment.
Screenshots or a device listing from the endpoint solution showing whether mobile devices are in use within the environment and their encryption status.
Export from the Mobile Device Management (MDM) system, if one is being used. This export should include the encryption status of each device.
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD