Detections
Analytics

800-53|AC-19(5)

Title

FULL DEVICE / CONTAINER-BASED ENCRYPTION

Description

The organization employs [Selection: full-device encryption; container encryption] to protect the confidentiality and integrity of information on [Assignment: organization-defined mobile devices].

Supplemental

Container-based encryption provides a more fine-grained approach to the encryption of data/information on mobile devices, including for example, encrypting selected data structures such as files, records, or fields.

Reference Item Details

Related: MP-5,SC-13,SC-28

Category: ACCESS CONTROL

Parent Title: ACCESS CONTROL FOR MOBILE DEVICES

Family: ACCESS CONTROL

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.15 - AirWatch - Enable 'Encrypt phone'MDMAirWatch - CIS Google Android 4 v1.0.0 L1
1.1.15 - MobileIron - Enable 'Encrypt phone'MDMMobileIron - CIS Google Android 4 v1.0.0 L1
1.9 Ensure 'Encrypt phone' or 'Encrypt tablet' is set to EnabledMDMMobileIron - CIS Google Android 7 v1.0.0 L1
1.9 Ensure 'Encrypt phone' or 'Encrypt tablet' is set to EnabledMDMAirWatch - CIS Google Android 7 v1.0.0 L1
2.1.9 - AirWatch - Enable 'Require encryption on the device'MDMAirWatch - CIS Google Android 4 v1.0.0 L1
2.1.9 - MobileIron - Enable 'Require encryption on the device'MDMMobileIron - CIS Google Android 4 v1.0.0 L1
Android Compliance Policy - Encryption of data storage on devicemicrosoft_azureTenable Best Practices for Microsoft Intune Android v1.0
Android Device Configuration - Encryption on storage cardsmicrosoft_azureTenable Best Practices for Microsoft Intune Android v1.0
CIS Control 13 (13.6) Encrypt Mobile Device DataUnixCAS Implementation Group 1 Audit File
iOS Device Management - Encrypted backupmicrosoft_azureTenable Best Practices for Microsoft Intune iOS v1.0
macOS Device Management - Encryption of data storage on devicemicrosoft_azureTenable Best Practices for Microsoft Intune macOS v1.0
Windows Compliance Policy - Encryption of data storage on devicemicrosoft_azureTenable Best Practices for Microsoft Intune Windows v1.0