SC-8: Transmission Confidentiality and Integrity

NIST Baseline: Moderate 

DIR Required By:  01/20/2023 

Review Date:  08/08/2024 

1. Tarleton State University (Tarleton) data that is transmitted over a public network (i.e. the Internet) should be encrypted where feasible, especially data that is classified as university-internal, unless the information is designated as public information.  

2. All Tarleton data classified as confidential that is transmitted over a public network, at a minimum, must be encrypted with a 128-bit encryption algorithm, in accordance with Texas Department of Information Resources (DIR) Security Control Catalog requirements. 

3. Tarleton data classified as confidential that is transmitted in an email message must be encrypted. 

---

References/Additional Resources

FIPS 140-3 

FIPS 197 

SP 800-52 

SP 800-77 

SP 800-81-2 

SP 800-113 

SP 800-177 

IR 8023