SC-12 (2) - Symmetric Keys
Control requirements
- SC-12 (2) - 0
- The organization produces, controls, and distributes symmetric cryptographic keys using [IBM Assignment: Refer to Supplemental Guidance for Cryptography Governance] key management technology and processes.
Implementation guidance
See the resources that follow to learn more about how to implement this control.
IBM Cloud for Financial Services profile
The rules related to this control that follow are part of the IBM Cloud for Financial Services v1.2.0 profile in IBM Cloud® Security and Compliance Center.
- Check whether Hyper Protect Crypto Services encryption keys that are generated by the service are rotated automatically at least every # months
- Check whether Hyper Protect Crypto Services instance is enabled with a dual authorization deletion policy