[PCI DSS 3.0] [PCI DSS 3.0] 3.6.3 Secure cryptographic key storage

pcinetwork

PCINetwork.org Admin
#1
3.6.3 Secure cryptographic key storage

3.6.3.a Verify that key-management procedures specify how to securely store keys.

3.6.3.b Observe the method for storing keys to verify that keys are stored securely.

The encryption solution must store keys securely, for example, by encrypting them with a key- encrypting key. Storing keys without proper protection could provide access to attackers, resulting in the decryption and exposure of cardholder data.
 
Top