- Overview
See Purpose.
- Purpose
The purpose of this policy is to provide guidance that limits the use of encryption to those algorithms that have received substantial public review and have been proven to work effectively. Additionally, this policy provides direction to ensure that Federal regulations are followed, and legal authority is granted for the dissemination and use of encryption technologies outside of the United States.
- Scope
This policy applies to all [ORG’S NAME]’s employees, contractors, interns, vendors and agents with a [ORG’S NAME]-owned or personally-owned computer or workstation used to connect to the [ORG’S NAME]’s network.
-
*Policy *
-
All [ORG’S NAME]’s PCs, Workstations and data storages must have full disk encryption enabled using trusted opensoruce encryption software like VeraCrypt ,FileVault for MAC and bitlocker for windows devices.
-
Luck screen with a strong password is a mandatory. The time of activating auto luck screen for unattended machine must be less than 2 minutes.
-
The encrypted devices must be turned off before leaving the office.
-
Full disk encryption must be using one of the following algorithms
-
AES-Twofish-Serpent
-
SHA-512
-
AES
-
Triple DES
-
-
Any Smartphone or tablet connects to [ORG’S NAME]’s network must be encrypted via enabling full disk encryption support from security settings in each smartphone.
-
Employees must use strong passphrases
-
Luck screen with a strong password is a mandatory. The time of activating auto luck screen must be less than 2 minutes.
-
Any storage device belongs to [ORG’S NAME] and it has [ORG’S NAME]’s information must be encrypted via enabling full disk encryption.
-
Employees must use strong passphrases
-
-
-
Key generation must be seeded from an industry standard random number generator (RNG). For examples, see NIST Annex C: Approved Random Number Generators for FIPS PUB 140-2.
-
I have read [ORG’S NAME]’s encryption policy and agree to abide by it as consideration for my continued employment by [ORG’S NAME]. I understand that violation of any above policies may result in my termination.
_____________________ User Signature
_____________________ Date