Encrypt Data for Storage | CCC

Skip to main content

CCC.Core.C02: Encrypt Data for Storage

Control ID:CCC.Core.C02

Title:Encrypt Data for Storage

Objective:Ensure that all data stored is encrypted at rest using strong encryption algorithms.

Control Family:

Data

Related Threats

ID	Title	Description	External Mappings	Capability Mappings	Control Mappings
CCC.Core.TH01	Access Control is Misconfigured	Misconfigured access controls may grant excessive privileges or fail to restrict unauthorized access to the service and its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data.	1	1	0

Related Capabilities

ID	Title	Description
CCC.Core.F06	Access Control	The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes.

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
NIST-CSF	PR.DS-1	0	-
CCM	DSP-17	0	-
NIST_800_53	SC-13	0	-
NIST_800_53	SC-28	0	-

Assessment Requirements

ID	Description	Applicability
CCC.Core.C02.TR01	When data is stored, it MUST be encrypted using the latest industry-standard encryption methods.	tlp-green tlp-amber tlp-red