Navigate

AC-19(5)

AC-19(5): Full Device / Container-based Encryption

The organization employs [] to protect the confidentiality and integrity of information on [organization-defined mobile devices].

Supplemental

Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.

CIA Levels
Confidentiality	high
Integrity	high
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-19(5).

Control	Description
MP-5	The organization: a: Protects and controls [organization-defined types of information system media] during transport outside of controlled areas using [organization-defined security safeguards]; b: Maintains accountability for information system media during transport outside of controlled areas; c: Documents activities associated with the transport of information system media; and d: Restricts the activities associated with the transport of information system media to authorized personnel.
SC-13	The information system implements [organization-defined cryptographic uses and type of cryptography required for each use] in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.
SC-28	The information system protects the [one or more of confidentiality/integrity] of [organization-defined information at rest].

Enhancements

The controls below (if any) add on to the requirements of AC-19(5).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-19(5).

CCI	Definition
CCI-002329	Defines the mobile devices that are to employ full-device or container encryption to protect the confidentiality and integrity of the information on the device.
CCI-002330	Employ full-device encryption or container encryption to protect the confidentiality of information on organization-defined mobile devices.
CCI-002331	Employ full-device encryption or container encryption to protect the integrity of information on organization-defined mobile devices.