Best Practice for Lifecycle Crypto Key Management

Organisations utilising cryptography for securing confidential information have the choice of hardware and software based solutions depending on the nature of the data in need of encryption. Arguably, the weakest link in the chain is the cryptographic keys used to encrypt and decrypt the data. This is due to the constantly increasing processing power of today’s computers and the length of time it may take to compromise the keys through an exhaustive key search. Therefore, these organisations must regularly revoke, update and distribute the keys to the relevant parties in order to reduce the risk of internal and external threats.

Many sectors, including banking and governmental, have the time consuming task of tracking and managing ever-increasing numbers of keys to ensure the right keys are in the right place at the right time. The vast amounts of keys needed for the daily operations of applications using crypto will lead to an army of administratorsbuy if the keys are managed manually. Hence, automated key management systems are now a necessity for these organisations if they are to keep on top of the workload, and reduce their admin costs.

Key management will come in many variations with some more suitable for enterprise settings while others are more scalable, designed for the huge numbers of keys as utilised in the banking industry. Different requirements need different solutions, however, there are some general issues which must be addressed if the implementation of such systems are to be successful in terms of functionality, compliance, availability and keeping costs at a minimum. A short list of best practice procedures is below:

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s