Freed Maxick Service Delivery Update

We have implemented a phased approach for returning to our offices that allows us to modify our approach to service delivery as situations change without any service disruptions. In the meantime and in the interest of public health and the safety of our community, our teams will continue working remotely whenever possible to provide the same high-quality service you have come to expect. Utilizing state-of-the-art technology, we are committed to meeting all of your assurance, tax, and advisory needs to help you navigate a business environment filled with challenges and opportunities. To discuss a specific need that can’t be handled remotely, please contact your Freed Maxick representative directly.

PCI DSS 3.2 Req 3.5.1 - Views on Documented Cryptographic Architecture

By Justin Bonk on July, 9 2018
Back to main Blog
Justin Bonk

If you're classified as a service provider, you're required to maintain a documented description of your cryptographic architecture including any cryptographic algorithms security protocols and keys, including the keys specific to usage expiration date and strength

Click to see a short video on PCI DSS 3.2’s Section 3.5.1 requirement.


Freed Maxick 3.5.1 Guidance   

Relative to documented cryptographic architecture, our recommendation is that organizations who are subject to PCI DSS compliance should take proactive steps to maintain an up to date listing of cryptographic tools being utilized to protect cardholder data.


PCI DSS Resources 

For more guidance on this issue and other PCI DSS requirements, read our blog post on new requirements for 2018 that includes a downloadable overview of all recent updates and revisions.


An overview of Freed Maxick services for PCI DSS Compliance can be found here. For a more detailed discussion of your organization’s situations and needs, contact us here or call me at 716.847.2651.



Stay up to date