💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse.
-
Contextual name: 💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse.
-
ID:
/frameworks/pci-dss-v4.0/03/06/01 -
Located in: 💼 3.6 Cryptographic keys used to protect stored account data are secured.
Description​
That include:
- Access to keys is restricted to the fewest number of custodians necessary.
- Key-encrypting keys are at least as strong as the data-encrypting keys they protect.
- Key-encrypting keys are stored separately from data-encrypting keys.
- Keys are stored securely in the fewest possible locations and forms.
Similar​
- Sections
/frameworks/pci-dss-v3.2.1/03/05/frameworks/pci-dss-v4.0.1/03/06/01
- Internal
- ID:
dec-c-c138f39e
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 3.5 Document and implement procedures to protect keys used to secure stored cardholder data against disclosure and misuse. | 4 | |||
| 💼 PCI DSS v4.0.1 → 💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 3.5 Document and implement procedures to protect keys used to secure stored cardholder data against disclosure and misuse. | 4 | |||
| 💼 PCI DSS v4.0.1 → 💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 |