AC-19(5): Full Device / Container-Based Encryption

Control Family:

Access Control

Parent Control:

AC-19: Access Control For Mobile Devices

Priority:

P1: Implement P1 security controls first.

CSF v1.1 References:

PR.AC-3
PR.AC-6

Threats Addressed:

Tampering
Information Disclosure

Baselines:

Moderate
High

Next Version:

NIST Special Publication 800-53 Revision 5:
AC-19(5): Full Device or Container-based Encryption

Control Statement

The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].

Supplemental Guidance

Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 8