SI-4(10): Visibility Of Encrypted Communications
CSF v1.1 References:
(Not part of any baseline)
- NIST Special Publication 800-53 Revision 5:
- SI-4(10): Visibility of Encrypted Communications
The organization makes provisions so that [Assignment: organization-defined encrypted communications traffic] is visible to [Assignment: organization-defined information system monitoring tools].
Organizations balance the potentially conflicting needs for encrypting communications traffic and for having insight into such traffic from a monitoring perspective. For some organizations, the need to ensure the confidentiality of communications traffic is paramount; for others, mission-assurance is of greater concern. Organizations determine whether the visibility requirement applies to internal encrypted traffic, encrypted traffic intended for external destinations, or a subset of the traffic types.