G.2.6 Protection of information at rest
Control Details
Objective
Protect the confidentiality and integrity of information at rest.
Definition
Data protection at rest aims to secure the confidentiality and integrity of data stored on any storage device or network. Mechanisms to achieve confidentiality and integrity protections include using encryption and file share scanning. Provisions for protecting information at rest should be included in agreements with suppliers, developers, system integrators, external system providers, and other service providers.
Assessment Questions
- What provisions for the protection of information at rest are included in agreements with suppliers, developers, system integrators, and external system providers?
- What policies on the use of cryptography are set out in the organization’s security policy?