This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The information system implements cryptographic mechanisms to protect the confidentiality and integrity of information stored on digital media during transport outside of controlled areas.
NIST 800-53 (r4) Supplemental Guidance:
This control enhancement applies to both portable storage devices (e.g., USB memory sticks, compact disks, digital video disks, external/removable hard disk drives) and mobile devices with storage capability (e.g., smart phones, tablets, E-readers). Related control: MP-2.
References: FIPS Publication 199; NIST Special Publication 800-60.
NIST 800-53 (r5) Discussion: None
38North Guidance:
Meets Minimum Requirement:
All digital media departing the controlled areas must utilize cryptographic encryption to protect data from unauthorized access during transportation.
All digital media departing the controlled area must utilize cryptographic hashing to ensure the integrity of the data during transportation.
Best Practice:
TBD
Unofficial FedRAMP Guidance: None
Assessment Evidence:
The company's security policy identifying the encryption mechanisms used to protect the confidentiality and integrity of data during transport of digital media outside of controlled areas
Records of transportation activities demonstrating the use of cryptographic mechanisms to protect the confidentiality and integrity of data during transport of digital media outside of controlled areas
CSP Implementation Tips:
Amazon Web Services (AWS): Fully Inherited. Furthermore, all media outside of AWS data center clusters is decommissioned prior to transport.
Microsoft Azure: Fully Inherited
Google Cloud Platform: Fully Inherited