Skip to content

5.2.1.5

Vertical Standard Comment

Please complete the below fields. Further instructions can be found in the repositories README.md Do not forget to add a Label, using the sidebar on the right.

Standard Version (see README.md for info): 7

Line Number: /

Clause/Subclause: 5.2.1.5

Paragraph/Figure/Table: /

Comment: “encrypted storage for sensitive data at rest” is not proportional to this security level. For some use-cases, such as healthcare, this is already required by other legislation.

Furthermore, in the risk evaluation of T-CRS-DATA-DISC it is said that the data is: “Low-sensitivity data (e.g., telemetry) means disclosure has minimal consequences.”

Proposed Changes: Change “encrypted storage” to “make use of OS-level primitives to hide data” and remove the Advanced subclause.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information