I have a query regarding standards and regulations.
I have a scenario where data for a service provider will be housed on a private cloud and this needs to be encrypted. One solution considered will only issue one key per service provider so the data for all clients under that service provider will be encrypted by the same key.
Is there a standard or regulation that specifies that sensitive data for all clients must be partitioned and encrypted using individual keys? Is so, what is the standard.
Thanks in advance.