PR.DS-10: The confidentiality, integrity, and availability of data-in-use are protected

Info icon.

Subcategory is new to this version of the framework and incorporates the following item from the previous version: PR.DS-5: Protections against data leaks are implemented.

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

1st: 1st Party Risk

Ex1: Remove data that must remain confidential (e.g., from processors and memory) as soon as it is no longer needed

Ex2: Protect data in use from access by other users and processes of the same platform