UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IBM z/OS systems requiring data at rest protection must properly employ IBM DS8880 for full disk encryption.


Overview

Finding ID Version Rule ID IA Controls Severity
V-223569 ACF2-OS-000340 SV-223569r533198_rule Medium
Description
Information at rest refers to the state of information when it is located on a secondary storage device (e.g., disk drive and tape drive, when used for backups) within an operating system. This requirement addresses protection of user-generated data, as well as operating system-specific configuration data. Organizations may choose to employ different mechanisms to achieve confidentiality and integrity protections, as appropriate, in accordance with the security category and/or classification of the information. Satisfies: SRG-OS-000185-GPOS-00079, SRG-OS-000405-GPOS-00184, SRG-OS-000404-GPOS-00183, SRG-OS-000396-GPOS-00176
STIG Date
IBM z/OS ACF2 Security Technical Implementation Guide 2021-03-29

Details

Check Text ( C-25242r504728_chk )
Determine if IBM's DS880 Disks are in use.

If they are not in use for systems that require data at rest, this is a finding.
Fix Text (F-25230r504729_fix)
Employ IBM's DS8880 hardware to ensure full disk encryption.