Login  |  Register  |  Contact

New Paper: Understanding and Selecting a Key Management Solution

Yep – we are doing our very best to overload you with research this year. Here’s my latest. From the paper’s home page:

Between new initiatives such as cloud computing, and new mandates driven by the continuous onslaught of compliance, managing encryption keys is evolving from something only big banks worry about into something which pops up at organizations of all sizes and shapes. Whether it is to protect customer data in a new web application, or to ensure that a lost backup tape doesn’t force you to file a breach report, more and more organizations are encrypting more data in more places than ever before. And behind all of this is the ever-present shadow of managing all those keys.

Data encryption can be a tricky problem, especially at scale. Actually all cryptographic operations can be tricky; but we will limit ourselves to encrypting data rather than digital signing, certificate management, or other uses of cryptography. The more diverse your keys, the better your security and granularity, but the greater the complexity. While rudimentary key management is built into a variety of products – including full disk encryption, backup tools, and databases – at some point many security professionals find they need a little more power than what’s embedded in the application stack.

This paper digs into the features, functions, and a selection process for key managers.

Understanding and Selecting a Key Manager (PDF)

Special thanks to Thales for licensing the content.

—Rich

No Related Posts
Previous entry: Great security analysis of the Evasi0n iOS jailbreak | | Next entry: Latest to notice

Comments:

If you like to leave comments, and aren't a spammer, register for the site and email us at info@securosis.com and we'll turn off moderation for your account.

Name:

Email:

Remember my personal information

Notify me of follow-up comments?