Mobile systems must encrypt all data per the DoD Data at Rest policy.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36665 | WN08-00-000013 | SV-48282r1_rule | ECCR-1 ECCR-2 | High |
| Description |
|---|
| If data at rest is unencrypted, it is vulnerable to disclosure. Even if the operating system enforces permissions on data access, an adversary can remove non-volatile memory and read it directly, thereby circumventing operating system controls. Encrypting the data ensures that confidentiality is protected even when the operating system is not running. |
| STIG | Date |
|---|---|
| Windows 8 Security Technical Implementation Guide | 2014-01-07 |
Details
| Check Text ( C-44960r1_chk ) |
|---|
| Verify the system employs DoD-approved full disk encryption. If full disk encryption is not implemented, this is a finding. |
| Fix Text (F-41417r1_fix) |
|---|
| Install an approved DoD encryption package and enable full disk encryption. |