When a user authenticates to the encryption functionality of IT equipment or media, it is treated in accordance with its original sensitivity or classification until the user deauthenticates from the encryption functionality.
Topic
Handling encrypted IT equipment and media
Applicable to
all
History
Priority
must
Jun 2024
When a user authenticates to the encryption functionality of IT equipment or media, it is treated in accordance with its original sensitivity or classification until the user deauthenticates from the encryption functionality.
References to ICT equipment were amended to IT equipment.
Mar 2022
When a user authenticates to the encryption functionality of ICT equipment or media, it is treated in accordance with its original sensitivity or classification until the user deauthenticates from the encryption functionality.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2015
When a user authenticates to ICT equipment storing encrypted information, it must betreated in accordance with the original sensitivity or classification of the equipment.
2010
When ICT equipment storing encrypted information is turned on and authenticated to, it must be treated inaccordance with the original classification of the equipment.
2008
When equipment storing encrypted information is turned on and authenticated it must be treated as per the original classification of the equipment.