3.1.13 Employ cryptographic mechanisms to protect the confidentiality of remote access sessions.

Cryptographic standards include FIPS-validated cryptography and NSA-approved cryptography. See [NIST CRYPTO]; [NIST CAVP]; [NIST CMVP]; National Security Agency Cryptographic Standards.

Actionable items: Ensure that all outside communications are using a form of encryption.