AC-19(5): Full Device / Container-Based Encryption

Control Family:

Access Control

CSF v1.1 References:

Baselines:

  • Moderate
  • High

Next Version:

Control Statement

The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].

Supplemental Guidance

Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.