The Center for Internet Security Controls or CISControls have become an industry standard to help businesses and organizations of all sizes to maintain an industry standard of Cybersecurity controls.

Safeguard 3.6 is the requirement for you to encrypt data on end user devices that contain sensitive data. This can be accomplished with Microsoft Bitlocker, Apple Filevault, or Linux dmcrypt.

This is a great tip for every device and not just those that contain sensitive data as I discussed a few days ago - https://lnkd.in/eA_-JVYz as a CybersecurityTip.

This safeguard while it only requires encryption for the devices with sensitive data, to check this box off you need to have the policy that outlines that the devices are to be encrypted and as part of your inventory showing the assets which are encrypted and what encryption method is being used.

The bottom line is today every computer, mobile device, portable hard drive, flash drive, backups, and any cloud storage drives you are using should be encrypted as a base level of protection of your data.

Safeguards 3.1 thru 3.6 are all required for all three Implementation Groups so these are great policies to adopt in your organization today.

Join the conversation - https://www.linkedin.com/posts/scottintech_ciscontrols-cybersecurity-bitlocker-activity-7077134189430460416-9ILG?utm_source=share&utm_medium=member_desktop