3.10: Encrypt Sensitive Data in Transit

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:

Group:

Info icon.

Incorporates the following controls from the previous version: 14.4: Encrypt All Sensitive Information in Transit, 15.7: Leverage the Advanced Encryption Standard (AES) to Encrypt Wireless Data, 16.5: Encrypt Transmittal of Username and Authentication Credentials.

Control Statement

Encrypt sensitive data in transit. Example implementations can include: Transport Layer Security (TLS) and Open Secure Shell (OpenSSH).

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-171 Revision 2

NIST Special Publication 800-53 Revision 4