Standard:
YALE-MSS-7.2: Encrypt all electronic storage devices
YALE-MSS-7.2.3: Be able to provide evidence that an electronic storage device is encrypted
Low Risk Endpoint
Not Required
Moderate Risk Endpoint
Not Required
High Risk Endpoint
Upcoming
Required for HIPAA
Required for PCI
Low Risk Server
Not Required
Moderate Risk Server
Not Required
High Risk Server
Upcoming
Required for HIPAA
Required for PCI
Low Risk Mobile Device
Not Required
Moderate Risk Mobile Device
Not Required
High Risk Mobile Device
Not Required
Low Risk Network Printer
Not Required
Moderate Risk Network Printer
Not Required
High Risk Network Printer
Not Required
Details
Be able to report if an electronic storage device is encrypted. This includes providing evidence that the device is encrypted.
This requirement is satisfied if the device is enrolled in the Managed Workstation program.
In the event of a lost or stolen device, we need to know if the device was encrypted to determine the impact of the loss. If the device is encrypted, there is a lesser likelihood of unauthorized access to the data on the device.