The VMM must implement cryptographic mechanisms to prevent unauthorized disclosure of all information at rest on all VMM components.

VMMs handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure of the information at rest. Selection of a cryptographic mechanism is based on the need to protect the integrity of organizational information. The strength of the mechanism is commensurate with the security category and/or classification of the information.