← Back to catalog
SC-28(1)

Cryptographic Protection

System and Communications Protection (SC)
Baselines
Low · Not includedModerate · IncludedHigh · Included
Description

Implement cryptographic mechanisms to prevent unauthorized disclosure and modification of the following information at rest on [assignment]: [assignment].

Discussion

The selection of cryptographic mechanisms is based on the need to protect the confidentiality and integrity of organizational information. The strength of mechanism is commensurate with the security category or classification of the information. Organizations have the flexibility to encrypt information on system components or media or encrypt data structures, including files, records, or fields.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.