3.6.1—Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse that include: Access to keys is restricted to the fewest number of custodians necessary.
>Requirement Description
Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse that include:

- Access to keys is restricted to the fewest number of custodians necessary.
- Key-encrypting keys are at least as strong as the data-encrypting keys they protect.
- Key-encrypting keys are stored separately from data-encrypting keys.
- Keys are stored securely in the fewest possible locations and forms.

Applicability Notes

This requirement applies to keys used to protect stored account data and to key-encrypting keys used to protect data-encrypting keys. The requirement to protect keys used to protect stored account data from disclosure and misuse applies to both data-encrypting keys and key-encrypting keys. Because one key-encrypting key may grant access to many data-encrypting keys, the key-encrypting keys require strong protection measures.
>Cross-Framework Mappings