Overview:
The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].
Supplemental Guidance:
Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.
Related Controls:>/b> MP-5, SC-13, SC-28.
References: OMB Memorandum 06-16; NIST Special Publications 800-114, 800-124, 800-164.
Action Items:
1) Ensure encryption is utilized on all mobile devices to protect sensitive data
Related Documents:
1) Access Control Policy
2) Data Classification Policy
3) Mobile Device Policy
Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none
Moderate Additional FedRAMP Requirements and Guidance
none
Article ID: 46
Created: September 25, 2022
Last Updated: September 26, 2022
Author: Matthew Burdick
Online URL: http://www.compliancewiki.org/article/fedramp-full-device-container-based-encryption-ac-19-5-46.html