← Back to catalog
SC-8(3)

Cryptographic Protection for Message Externals

System and Communications Protection (SC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Implement cryptographic mechanisms to protect message externals unless otherwise protected by [assignment].

Discussion

Cryptographic protection for message externals addresses protection from the unauthorized disclosure of information. Message externals include message headers and routing information. Cryptographic protection prevents the exploitation of message externals and applies to internal and external networks or links that may be visible to individuals who are not authorized users. Header and routing information is sometimes transmitted in clear text (i.e., unencrypted) because the information is not identified by organizations as having significant value or because encrypting the information can result in lower network performance or higher costs. Alternative physical controls include protected distribution systems.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.