Use cryptographic mechanisms to protect CUI in transmission
System and Communications Protection · NIST SP 800-171 Rev 2
Requirement
Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards.
Discussion
This requirement applies to internal and external networks and any system components that can transmit information including servers, notebook computers, desktop computers, mobile devices, printers, copiers, scanners, and facsimile machines. Communication paths outside the physical protection of controlled boundaries are susceptible to both interception and modification. Organizations relying on commercial providers offering transmission services as commodity services rather than as fully dedica
How this affects your SPRS score
Under the DoD Assessment Methodology, a perfect SPRS score is 110. If this control is not met, 3 points is subtracted from your score.
Want your estimated SPRS score?
Answer 15 quick questions covering the highest-impact controls and get an instant estimate.
Estimate my SPRS score →Source: NIST SP 800-171 Rev 2 (public domain) · SPRS weighting per the DoD Assessment Methodology · This is reference information, not an official assessment.