💼 3.5 Document and implement procedures to protect keys used to secure stored cardholder data against disclosure and misuse.
-
Contextual name: 💼 3.5 Document and implement procedures to protect keys used to secure stored cardholder data against disclosure and misuse.
-
ID:
/frameworks/pci-dss-v3.2.1/03/05 -
Located in: 💼 3 Protect stored cardholder data
Description​
This requirement applies to keys used to encrypt stored cardholder data, and also applies to key-encrypting keys used to protect data-encrypting keys—such key-encrypting keys must be at least as strong as the data-encrypting key.
Similar​
- Sections
/frameworks/pci-dss-v4.0/03/06/01
- Internal
- ID:
dec-c-04657187
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 |