Ensure Data Encryption at Rest for All Stored Data

← Back to CCC Relational Database Management System Features

CCC.C02: Ensure Data Encryption at Rest for All Stored Data

Objective:Ensure that all data stored is encrypted at rest to maintain confidentiality and integrity.

Control Family:

Encryption

Threats:

ID	Title	Description
CCC.TH01	Access Control is Misconfigured	Misconfigured access controls may grant excessive privileges or fail to restrict unauthorized access to sensitive resources. This could result in unintended data exposure or unauthorized actions being performed within the system.

NIST CSF:

PR.DS-1

Control Mappings

CCM:

DSP-17

ISO_27001:

NIST_800_53:

SC-13

SC-28

Test Requirements

CCC.C02.TR01:When data is stored at rest, the service MUST be configured to encrypt data at rest using the latest industry-standard encryption methods.

TLP:

tlp_clear

tlp_green

tlp_amber

tlp_red