πΌ 4 Cryptographic key management refers to the generation, distribution, storage, renewal, revocation, recovery, archiving and destruction of encryption keys. Effective cryptographic key management ensures that controls are in place to reduce the risk of compromise of the security of cryptographic keys. Any compromise of the security of cryptographic keys could, in turn, lead to a compromise of the security of the information assets protected by the cryptographic technique deployed.
- Contextual name: πΌ 4 Cryptographic key management refers to the generation, distribution, storage, renewal, revocation, recovery, archiving and destruction of encryption keys. Effective cryptographic key management ensures that controls are in place to reduce the risk of compromise of the security of cryptographic keys. Any compromise of the security of cryptographic keys could, in turn, lead to a compromise of the security of the information assets protected by the cryptographic technique deployed.
- ID:
/frameworks/apra-cpg-234/e/4 - Located in: πΌ Attachment E - Cryptographic techniques
Descriptionβ
Empty...
Similarβ
- Internal
- ID:
dec-c-de5789dc
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (7)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS ACM Certificate Expired π’ | 1 | π’ x6 |
| π AWS IAM Server Certificate is expired π’ | 1 | π’ x6 |
| π AWS IAM User Access Keys are not rotated every 90 days or less π’ | 1 | π’ x6 |
| π AWS IAM User has more than one active access key π’ | 1 | π’ x6 |
| π AWS KMS Symmetric CMK Rotation is not enabled π’ | 1 | π’ x6 |
| π Azure Non-RBAC Key Vault stores Keys without expiration date π’ | 1 | π’ x6 |
| π Azure RBAC Key Vault stores Keys without expiration date π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-0feec790 | 2 | |
| βοΈ dec-x-4d6fee7a | 1 | |
| βοΈ dec-x-12a85339 | 1 | |
| βοΈ dec-x-689858b5 | 1 | |
| βοΈ dec-x-30795016 | 1 | |
| βοΈ dec-x-bcb0c78f | 1 |