8.2.12 Retain All Master Keys

Information

Master keys are needed to access the DEKs that are stored in encrypted databases, transaction logs, and backup images. Since multiple MKs can exist over the life time of these objects, it is necessary to retain them all while the encrypted data is retained. If a MK is lost, the encrypted data in the object cannot be retrieved. An organizations standard operating procedures (SOP) should have a methodology for tracking what data is encrypted with a specific master key, and be consulted before any master keys are archived.

Rationale:

Any failure or human error in tracking what data encrypted with a specific master key could result in loss of access to that data should the master key be deleted. Master keys should not be deleted. Instead they should be archived to a secure location for long term storage in case they are required at some point in the future.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Update the SOP to provide guidance found missing during the audit.

See Also

https://workbench.cisecurity.org/files/4033