3.9: Encrypt Data on Removable Media ================================== Encrypt data on removable media.
Asset Type | Security Function | Implementation Groups |
---|---|---|
Data | Protect | 2, 3 |
- Safeguard 1.1: Establish and Maintain Detailed Enterprise Asset Inventory
- Safeguard 2.1: Establish and Maintain a Software Inventory
- Safeguard 4.1: Establish and Maintain a Secure Configuration Process
GV1
: Enterprise asset inventoryGV5
: Authorized software inventoryGV3
: Configuration Standards
Assumptions ----------#. Enterprise asset inventory includes removable media
- Use
GV1
to identify and enumerate assets authorized to support removeable media (M1) - Use
GV5
to identify encryption software installed on assets identified in Operation 1 (M1) - Enumerate the number of assets with encryption software installed (M2)
- Enumerate the number of assets without encryption software installed (M3)
- Use
- For assets identified in Operation 2.1, use
GV3
to check configurations of encryption software - Enumerate assets that have properly configured encryption software (M4)
- Enumerate assets that have improperly configured encryption software(M5)
- For assets identified in Operation 2.1, use
- M1 = Count of assets authorized to support removeable media
- M2 = Count of authorized assets with encryption software installed
- M3 = Count of authorized assets without encryption software installed
- M4 = Count of authorized assets with properly configured encryption software
- M5 = Count of authorized assets with improperly configured encryption software
Metric | The percentage of appropriately configured assets to support removeable media. |
Calculation | M4 / M1 |