Key Management Best Practices:
The new PCI Data Security Standards (PCI DSS v2.0) are here and we’ve gotten a lot of questions about the changes related to encryption key management. Because we work with a lot of companies going through PCI compliance audits and reviews, the new standards just confirm the trends we’ve seen over the last few months on how QSA auditors and security professionals view encryption key management, and what they see as the minimum requirements for managing keys.
What New PCI Regulations Say
In this podcast, Patrick Townsend speaks on:
- Current best practices
- What PCI has to say about integrated key management
- Dual control, separation of duties, and split knowledge