SC-28(2): Off-Line Storage
Control Family:
Parent Control:
CSF v1.1 References:
Threats Addressed:
Baselines:
(Not part of any baseline)
Next Version:
- NIST Special Publication 800-53 Revision 5:
- SC-28(2): Offline Storage
Control Statement
The organization removes from online storage and stores off-line in a secure location [Assignment: organization-defined information].
Supplemental Guidance
Removing organizational information from online information system storage to off-line storage eliminates the possibility of individuals gaining unauthorized access to the information through a network. Therefore, organizations may choose to move information to off-line storage in lieu of protecting such information in online storage.