• Requirement

    Implement cryptographic mechanisms to prevent unauthorized disclosure and modification of the following information at rest on [Assignment: organization-defined system components or media]: [Assignment: organization-defined information].

  • Discussion

    The selection of cryptographic mechanisms is based on the need to protect the confidentiality and integrity of organizational information. The strength of mechanism is commensurate with the security category or classification of the information. Organizations have the flexibility to encrypt information on system components or media or encrypt data structures, including files, records, or fields.

More Info

  • Title

    Protection of Information at Rest | Cryptographic Protection
  • Family

    System and Communications Protection
  • NIST 800-53B Baseline(s)

    • Moderate
    • High
  • Related NIST 800-53 ID


NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!