CHAPTER 6 – PART 5
Encryption Security Standards
1 BACKGROUND
All USDA agencies and staff offices need to transmit Sensitive But
Unclassified (SBU) information over open networks. In using IT to continuously
improve mission performance, the USDA is becoming more
interconnected to open networks and other emergent global
networks. The openness of these networks enables malicious
cyber attacks against sensitive USDA assets and increases the
potential risk to sensitive information. This risk is compounded
through the use of the Internet and other non-secure mediums
such as Wireless Local Area Network technology, Microwave,
and Radio technologies. This technology includes the use of
laptops and Personal Electronic Devices (such as cellular
telephones, pagers, and handheld computers) to communicate
and process USDA information from any location.
Encryption methods can protect sensitive information during
storage and transmission. They provide important functionality to
reduce the risk of intentional and accidental compromise and
alteration of data. Encryption algorithms use a mechanism
called a key, which is used to render the information unreadable
during transmission. While the information is encrypted, it is
mathematically protected against disclosure because it
cannot be read by someone who does not have a
corresponding key to decrypt the information. Encryption
methods serve as part of the USDA defense-in-depth strategy
and provide reasonable protection of sensitive information at a
comparatively low cost.
The primary factor that must be considered when determining if
encryption is required is data sensitivity. Data sensitivity is a
measure of the importance and nature of the information
processed, stored, and transmitted by an IT system to the
organization’s mission and day-to-day operations. The sensitivity
of information can be addressed by analyzing the system
requirements for confidentiality, integrity, and availability.
DM 3530-005