πΌ 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse.
-
Contextual name: πΌ 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse.
-
ID:
/frameworks/pci-dss-v4.0/03/06/01 -
Located in: πΌ 3.6 Cryptographic keys used to protect stored account data are secured.
Descriptionβ
That include:
- Access to keys is restricted to the fewest number of custodians necessary.
- Key-encrypting keys are at least as strong as the data-encrypting keys they protect.
- Key-encrypting keys are stored separately from data-encrypting keys.
- Keys are stored securely in the fewest possible locations and forms.
Similarβ
- Sections
/frameworks/pci-dss-v3.2.1/03/05/frameworks/pci-dss-v4.0.1/03/06/01
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 3.5 Document and implement procedures to protect keys used to secure stored cardholder data against disclosure and misuse. | 4 | |||
| πΌ PCI DSS v4.0.1 β πΌ 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v3.2.1 β πΌ 3.5 Document and implement procedures to protect keys used to secure stored cardholder data against disclosure and misuse. | 4 | |||
| πΌ PCI DSS v4.0.1 β πΌ 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 |