NIST SP 800-171 & CMMC 2.0 Control 3.8.6 Requirement:

Implement cryptographic mechanisms to protect the confidentiality of “Controlled Unclassified Information” (CUI) stored on digital media during transport unless otherwise protected by alternative physical safeguards.

NIST SP 800-171 & CMMC 2.0 3.8.6 Requirement Explanation:

This requirement generally applies to portable storage devices such as USB thumb drives, CDs, DVDs, and external hard drives. Any digital media containing CUI that is transported outside of your facility must be encrypted or stored in a locked container.

Example NIST SP 800-171 & CMMC 2.0 3.8.6 Implementation:

Encrypt any digital media containing CUI that you intend to transport outside of your facilities. In general, it is a good idea to encrypt all portable digital media.

NIST SP 800-171 & CMMC 2.0 3.8.6 Scenario(s):

- Scenario 1:

Your company wants to store its backups with a third-party off-site storage company. To protect the CUI on the backup drives it encrypts them. The third-party is thus unable to access the CUI on the drives.
 

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:

/assets/images/app/complaince_accelerator.gif

Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Become Compliant
/assets/images/app/quantum_accelerator.gif

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Provide Services
/assets/images/app/supply_chain_verifier.gif

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.
Verify Subcontactors