We have implemented a phased approach for returning to our offices that allows us to modify our approach to service delivery as situations change without any service disruptions. In the meantime and in the interest of public health and the safety of our community, our teams will continue working remotely whenever possible to provide the same high-quality service you have come to expect. Utilizing state-of-the-art technology, we are committed to meeting all of your assurance, tax, and advisory needs to help you navigate a business environment filled with challenges and opportunities. To discuss a specific need that can’t be handled remotely, please contact your Freed Maxick representative directly.
If you're classified as a service provider, you're required to maintain a documented description of your cryptographic architecture including any cryptographic algorithms security protocols and keys, including the keys specific to usage expiration date and strength
Click to see a short video on PCI DSS 3.2’s Section 3.5.1 requirement.
Freed Maxick 3.5.1 Guidance
Relative to documented cryptographic architecture, our recommendation is that organizations who are subject to PCI DSS compliance should take proactive steps to maintain an up to date listing of cryptographic tools being utilized to protect cardholder data.