BS EN ISO/IEC 19790:2020 - Information Technology Security Techniques

Security Requirements for Cryptographic Modules

In the rapidly evolving world of information technology, ensuring the security of data is paramount. The BS EN ISO/IEC 19790:2020 standard is a comprehensive guide that sets forth the security requirements for cryptographic modules, providing a robust framework for safeguarding sensitive information.

Overview

This standard, released on December 22, 2020, is a critical resource for organizations seeking to implement secure cryptographic solutions. With 84 pages of detailed guidelines, it offers a thorough examination of the necessary security techniques required to protect cryptographic modules from unauthorized access and potential threats.

Key Features

• Standard Number: BS EN ISO/IEC 19790:2020
• ISBN: 978 0 539 16461 9
• Status: Standard

Why Choose BS EN ISO/IEC 19790:2020?

The importance of cryptographic modules in securing data cannot be overstated. These modules are integral to the encryption and decryption processes that protect sensitive information from cyber threats. The BS EN ISO/IEC 19790:2020 standard provides a structured approach to evaluating and implementing these modules, ensuring they meet the highest security standards.

By adhering to this standard, organizations can:

• Ensure compliance with international security requirements.
• Enhance the integrity and confidentiality of their data.
• Mitigate risks associated with data breaches and cyber attacks.
• Build trust with clients and stakeholders by demonstrating a commitment to data security.

Comprehensive Security Framework

The BS EN ISO/IEC 19790:2020 standard outlines a comprehensive security framework that covers various aspects of cryptographic module security, including:

• Design and Implementation: Guidelines for the secure design and implementation of cryptographic modules.
• Operational Environment: Requirements for maintaining a secure operational environment for cryptographic modules.
• Physical Security: Measures to protect cryptographic modules from physical tampering and unauthorized access.
• Key Management: Best practices for managing cryptographic keys securely.
• Self-Tests: Procedures for conducting self-tests to ensure the ongoing security and functionality of cryptographic modules.

Global Relevance

As a globally recognized standard, BS EN ISO/IEC 19790:2020 is applicable to organizations worldwide. It is designed to be adaptable to various regulatory environments, making it an essential tool for multinational corporations and businesses operating in diverse markets.

Who Should Use This Standard?

This standard is ideal for:

• IT security professionals responsible for implementing cryptographic solutions.
• Organizations seeking to enhance their data protection measures.
• Compliance officers ensuring adherence to international security standards.
• Software developers and engineers involved in the design of secure systems.

Conclusion

In an era where data breaches and cyber threats are increasingly common, the BS EN ISO/IEC 19790:2020 standard provides a vital resource for organizations committed to protecting their information assets. By following the security requirements outlined in this standard, businesses can significantly enhance their data security posture, ensuring the confidentiality, integrity, and availability of their critical information.

Invest in the security of your cryptographic modules with the BS EN ISO/IEC 19790:2020 standard and take a proactive step towards safeguarding your organization's data.

BS EN ISO/IEC 19790:2020

This standard BS EN ISO/IEC 19790:2020 Information technology. Security techniques. Security requirements for cryptographic modules is classified in these ICS categories:

• 35.030 IT Security

This International Standard specifies the security requirements for a cryptographic module utilised within a security system protecting sensitive information in computer and telecommunication systems. This International Standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g. low value administrative data, million dollar funds transfers, life protecting data, personal identity information, and sensitive information used by government) and a diversity of application environments (e.g. a guarded facility, an office, removable media, and a completely unprotected location). This International Standard specifies four security levels for each of 11 requirement areas with each security level increasing security over the preceding level.

This International Standard specifies security requirements specified intended to maintain the security provided by a cryptographic module and compliance to this International Standard is not sufficient to ensure that a particular module is secure or that the security provided by the module is sufficient and acceptable to the owner of the information that is being protected.