Navigate

AC-19 (5)

AC-19 (5): Full Device / Container-Based Encryption

The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].

Supplemental

Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.

CIA Levels
Confidentiality	moderate
Integrity	moderate
Availability	unknown

Overlays
Privacy (High), Privacy (Low), Privacy (Mod), Privacy (PHI)

Related Controls

The controls below (if any) were marked by NIST as being related to AC-19 (5).

Control	Description
MP-5	The organization: MP-5a.: Protects and controls [Assignment: organization-defined types of information system media] during transport outside of controlled areas using [Assignment: organization-defined security safeguards]; MP-5b.: Maintains accountability for information system media during transport outside of controlled areas; MP-5c.: Documents activities associated with the transport of information system media; and MP-5d.: Restricts the activities associated with the transport of information system media to authorized personnel.
SC-13	The information system implements [Assignment: organization-defined cryptographic uses and type of cryptography required for each use] in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
SC-28	The information system protects the [Selection (one or more): confidentiality; integrity] of [Assignment: organization-defined information at rest].

Enhancements

The controls below (if any) add on to the requirements of AC-19 (5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-19 (5).

CCI	Definition
CCI-002329	The organization defines the mobile devices that are to employ full-device or container encryption to protect the confidentiality and integrity of the information on the device.
CCI-002330	The organization employs full-device encryption or container encryption to protect the confidentiality of information on organization-defined mobile devices.
CCI-002331	The organization employs full-device encryption or container encryption to protect the integrity of information on organization-defined mobile devices.