SC-28(3): Cryptographic Keys
Control Family:
Parent Control:
CSF v1.1 References:
Threats Addressed:
Baselines:
(Not part of any baseline)
Control is new to this version of the control set.
Control Statement
Provide protected storage for cryptographic keys [Assignment: [Assignment: organization-defined safeguards] , hardware-protected key store].
Supplemental Guidance
A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.