UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Applications must protect the confidentiality of transmitted information.


Overview

Finding ID Version Rule ID IA Controls Severity
V-27060 SRG-APP-NA SV-34355r1_rule Medium
Description
Ensuring the confidentiality of transmitted information requires that applications take feasible measures to employ security mechanisms during data transmission. Examples include but are not limited to, SSL, TLS, IPSec, and VPN. This requirement applies to communications across internal and external networks. If the organization is relying on a commercial service provider for transmission services as a commodity item rather than a fully dedicated service, it may be more difficult to obtain the necessary assurances regarding the implementation of needed security controls for transmission integrity. When it is infeasible or impractical to obtain the necessary security controls and assurances of control effectiveness through appropriate contracting vehicles, the organization either implements appropriate compensating security controls or explicitly accepts the additional risk.
STIG Date
Application Security Requirements Guide 2011-12-28

Details

Check Text ( None )
None
Fix Text (None)
None