FedRAMP Full Device / Container-based Encryption AC-19 (5)

Overview:
The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].

Supplemental Guidance:
Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.

Related Controls:>/b> MP-5, SC-13, SC-28.

References: OMB Memorandum 06-16; NIST Special Publications 800-114, 800-124, 800-164.

Action Items:
1) Ensure encryption is utilized on all mobile devices to protect sensitive data

Related Documents:
1) Access Control Policy
2) Data Classification Policy
3) Mobile Device Policy

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none