Security procedures
Security procedures for the HSM operator/administrator or security officer:
- Follow the Installation Procedure in the Configuration Manual when you receive the equipment;
- Change the smart cards' default PIN right after formatting;
- Immediately change the default authentication password of the HSM's special operator master, and then change it periodically;
- Create operator-type users for each individual HSM administrator. This will ensure that administrative operations are individualized and recorded in the HSM's audit trails (logs);
- Check the OEM security code immediately after Initialization to ensure the integrity of the equipment;
- Generate the Server Master Key with the seed split between two parties other than the smart card custodians in the M of N scheme;
- Distribute the two M of N cards (2 of 2) to two different parties;
- Set the HSM to the correct operating mode (FIPS or non-FIPS) according to the local security policy;
- Check trust relationships between users frequently;
- Inspect the module with reasonable frequency for evidence of tampering in three areas of the equipment:
  - seal labels, located on the sides;
  - ventilation openings, located at the front and rear;
  - physical ports: smart card reader and keyboard on the front, video and network on the back;
- Check the OEM security code reasonably often;
- Establish a policy for the systematic extraction, analysis and retention of logs;
- Establish a backup policy for the HSM key base, using a strong password to protect the backup file;
Operator behavior relevant to the secure operation of the HSM:
- Use a strong password for remote authentication via API;
- Store the seed halves of the Server Master Key in separate, secure locations, with access held by different parties;
- Remove the smart card from the reader after use;
- Keep the local console logically locked (locked shell) when not in use;
- Monitor the use of HSM resources (CPU and memory) at different times in the daily usage cycle (peak hours, idle hours, etc.);