performed so that this information is not easily humanly readable.
Certificates should be stored in a key store that is password protected.
16.4.5 Disaster recovery, backup, and restore
Backup and restore capabilities are critical to ensure that an
environment can be recreated in the event of a disaster. It is also
important to be able to replicate an existing environment to scale
according to the needs of the enterprise. A good solution will allow
for a secure mechanism to create backups and perform restores of all
keys and relevant configuration information. In some environments,
specialized hardware used to protect keys has its own mechanism for
backup and restore.
16.5 High availability and load balancing
A load-balanced system is a good way to provide a highly redundant
environment and scale performance to meet the needs of the
enterprise. A privacy and authentication solution should be able to
load balance intelligently across different physical locations and
perform monitoring services to determine whether systems are up or
In some enterprise environments, it may be desirable to have an
active/passive model in which one machine actively services requests
while another stands by. In the event that the active system fails, the
standby system assumes the IP address of the previously active
system and starts to service requests.
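The active/passive behaviour described above, as an added example that is not part of the original text: a monitor that declares the active system down only after several consecutive failed probes, and moves the service address only if the standby is itself healthy. The node names, the 192.0.2.10 address, and the three-probe threshold are assumptions made for illustration.

```python
from dataclasses import dataclass, field

FAIL_THRESHOLD = 3  # assumed: consecutive failed probes before the active node is declared down


@dataclass
class Pair:
    vip: str       # service IP address that clients connect to
    active: str    # node currently holding the service address
    standby: str   # node waiting to take over
    misses: int = 0
    log: list = field(default_factory=list)

    def observe(self, active_ok: bool, standby_ok: bool) -> str:
        """Feed one round of probe results; return the node that holds the address."""
        if active_ok:
            self.misses = 0
            return self.active
        self.misses += 1
        if self.misses < FAIL_THRESHOLD:
            return self.active  # tolerate a transient miss instead of flapping
        if not standby_ok:
            # Moving the address to a failed standby would not restore service; alert instead.
            self.log.append(f"ALERT {self.vip}: {self.active} down, standby {self.standby} unhealthy")
            return self.active
        self.log.append(f"FAILOVER {self.vip}: {self.active} -> {self.standby}")
        self.active, self.standby = self.standby, self.active
        self.misses = 0
        return self.active


def replay(pair: Pair, rounds) -> list:
    """Run a sequence of (active_ok, standby_ok) probe results through the pair."""
    return [pair.observe(a, s) for a, s in rounds]


# Constructed probe results, one tuple per monitoring interval.
SAMPLE = [(True, True), (False, True), (True, True),
          (False, True), (False, True), (False, True), (True, True)]

if __name__ == "__main__":
    p = Pair("192.0.2.10", "node-a", "node-b")
    print(replay(p, SAMPLE))
    print(*p.log, sep="\n")
```

The single missed probe in the second interval does not trigger a takeover; only the run of three does, and the event log records each takeover or refused takeover for later review.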
16.5.1 Key replication services
Deployments with multiple systems can often be difficult to maintain.
Platforms that offer automated configuration and key replication
services are more desirable. This simplifies the overall
management experience and reduces the chances of errors.
16.6 Transport and network
It is recommended to use SSL at all points in which sensitive data are
in transit, both over the Internet and within the enterprise (such as
between the application server and the database). A good privacy
