Mobile systems must encrypt all data per the DoD Data at Rest policy.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| WN08-00-000013 | WN08-00-000013 | WN08-00-000013_rule | High |
| Description |
|---|
| If data at rest is unencrypted, it is vulnerable to disclosure. Even if the operating system enforces permissions on data access, an adversary can remove non-volatile memory and read it directly, thereby circumventing operating system controls. Encrypting the data ensures that confidentiality is protected even when the operating system is not running. |
| STIG | Date |
|---|---|
| Windows 8 Security Technical Implementation Guide | 2012-11-21 |
Details
| Check Text ( C-WN08-00-000013_chk ) |
|---|
| Verify the system employs DoD-approved full disk encryption. If full disk encryption is not implemented, this is a finding. |
| Fix Text (F-WN08-00-000013_fix) |
|---|
| Install an approved DoD encryption package and enable full disk encryption. |