STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020: STIGQter: STIG Summary: Traditional Security Checklist Version: 1 Release: 3 Benchmark Date: 15 Jun 2020:SV-42580r3_rule
V-32263
Controlled Unclassified Information - Encryption of Data at Rest
IS-16.02.04
CAT II
10
Ensure the following standards concerning encryption of data-at-rest are met:
In accordance with DoD policy, all unclassified DoD data that has not been approved for public release and is stored on mobile computing devices or removable storage media must be encrypted using commercially available encryption technology. This requirement includes all CUI as well as other unclassified information that has not been reviewed and approved for public release. This includes certain Personally Identifiable Information (PII). Examples of common devices requiring DAR encryption are laptops used for telework or TDY and mobile devices such as cellular phones, tablets, etc. approved for processing and storing DoD sensitive data, and CDs, thumb drives (flash media) DVDs and other removable media.
See ASD(NII) Memorandum, Encryption of Sensitive Unclassified Data at Rest on Mobile Computing Devices and Removable Storage Media, 3 Jul 07 for detailed guidance.
Check to ensure the following standards concerning encryption of data-at-rest are met:
In accordance with DoD policy, all unclassified DoD data that has not been approved for public release and is stored on mobile computing devices or removable storage media must be encrypted using commercially available encryption technology. This requirement includes all CUI as well as other unclassified information that has not been reviewed and approved for public release. This includes certain Personally Identifiable Information (PII). Examples of common devices requiring DAR encryption are laptops used for telework or TDY and mobile devices such as cellular phones, tablets, etc. approved for processing and storing DoD sensitive data, and CDs, thumb drives (flash media) DVDs and other removable media.
See ASD(NII) Memorandum, Encryption of Sensitive Unclassified Data at Rest on Mobile Computing Devices and Removable Storage Media, 3 Jul 07 for detailed guidance.
TACTICAL ENVIRONMENT: The check is applicable for all tactical processing environments.
V-32263
False
IS-16.02.04
Check to ensure the following standards concerning encryption of data-at-rest are met:
In accordance with DoD policy, all unclassified DoD data that has not been approved for public release and is stored on mobile computing devices or removable storage media must be encrypted using commercially available encryption technology. This requirement includes all CUI as well as other unclassified information that has not been reviewed and approved for public release. This includes certain Personally Identifiable Information (PII). Examples of common devices requiring DAR encryption are laptops used for telework or TDY and mobile devices such as cellular phones, tablets, etc. approved for processing and storing DoD sensitive data, and CDs, thumb drives (flash media) DVDs and other removable media.
See ASD(NII) Memorandum, Encryption of Sensitive Unclassified Data at Rest on Mobile Computing Devices and Removable Storage Media, 3 Jul 07 for detailed guidance.
TACTICAL ENVIRONMENT: The check is applicable for all tactical processing environments.
M
2506