Cryptographic Key Management Clause Samples
The Cryptographic Key Management clause establishes the requirements and procedures for handling cryptographic keys used to secure sensitive data. It typically outlines how keys must be generated, stored, distributed, rotated, and destroyed, often specifying the use of industry-standard algorithms and secure hardware or software modules. By defining these controls, the clause ensures that cryptographic keys are protected from unauthorized access or misuse, thereby maintaining the confidentiality and integrity of encrypted information.
Cryptographic Key Management. Ensure that cryptographic keys are managed securely at all times, in accordance with documented control requirements and procedures which are consistent with good industry practice, and shall ensure that Customer Confidential Information is protected against unauthorized access or destruction. Computershare shall ensure that if public key infrastructure (PKI) is used, it shall be protected by ‘hardening’ the underlying operating system(s).
Cryptographic Key Management. NetWitness shall ensure secure handling of cryptographic keys in accordance with industry best practices.
Cryptographic Key Management. Jostens manages cryptographic keys, in accordance with industry-recognized leading practices for key management:
a. Documented standards and procedures must exist; and
Cryptographic Key Management. RSA shall ensure secure handling of cryptographic keys in accordance with industry best practices.
Cryptographic Key Management.
10.9.1 Cryptographic keys MUST be managed and protected in accordance with the controls present in SS-002 Security Standard – Public Key infrastructure.