💼 4 Cryptographic key management refers to the generation, distribution, storage, renewal, revocation, recovery, archiving and destruction of encryption keys. Effective cryptographic key management ensures that controls are in place to reduce the risk of compromise of the security of cryptographic keys. Any compromise of the security of cryptographic keys could, in turn, lead to a compromise of the security of the information assets protected by the cryptographic technique deployed.
- ID:
/frameworks/apra-cpg-234/e/4
Description
Empty...
Similar
- Internal
- ID:
dec-c-de5789dc
- ID:
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (7)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS ACM Certificate Expired🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM Server Certificate is expired🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User Access Keys are not rotated every 90 days or less🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User has more than one active access key🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS KMS Symmetric CMK Rotation is not enabled🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Non-RBAC Key Vault stores Keys without expiration date🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure RBAC Key Vault stores Keys without expiration date🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-0feec790 | 2 | |
| ✉️ dec-x-4d6fee7a | 1 | |
| ✉️ dec-x-12a85339 | 1 | |
| ✉️ dec-x-689858b5 | 1 | |
| ✉️ dec-x-30795016 | 1 | |
| ✉️ dec-x-bcb0c78f | 1 |