💼 SC-8(1) Cryptographic Protection (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/sc/08/01
Description
Implement cryptographic mechanisms to [FedRAMP Assignment: prevent unauthorized disclosure of information AND detect changes to information] during transmission.
SC-8 (1) Additional FedRAMP Requirements and Guidance:
Guidance: See M-22-09, including "Agencies encrypt all DNS requests and HTTP traffic within their environment"SC-8 (1) applies when encryption has been selected as the method to protect confidentiality and integrity. Otherwise refer to SC-8 (5). SC-8 (1) is strongly encouraged.
Guidance: Note that this enhancement requires the use of cryptography which must be compliant with Federal requirements and utilize FIPS validated or NSA approved cryptography (see SC-13).
Guidance: When leveraging encryption from the underlying IaaS/PaaS: While some IaaS/PaaS services provide encryption by default, many require encryption to be configured, and enabled by the customer. The CSP has the responsibility to verify encryption is properly configured.
Requirement: Please ensure SSP Section 10.3 Cryptographic Modules Implemented for Data At Rest (DAR) and Data In Transit (DIT) is fully populated for reference in this control.
Similar
- Sections
/frameworks/fedramp-high-security-controls/sc/08/01
- Internal
- ID:
dec-c-cb51ef9f
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 FedRAMP High Security Controls → 💼 SC-8(1) Cryptographic Protection (L)(M)(H) | 8 | 16 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|