Key Management
The issues of key management make managing encryption and creating policies difficult. Not only are the issues complicated, but they change depending on whether your organization is using hardware accelerators or software-only systems. There are also differences between symmetric and asymmetric encryption.
When there are questions as to how to work with technology, the answer is usually to use the standards. However, if your organization is using public key cryptography and trying to create a public key infrastructure (PKI), the standards are in flux, making it difficult to find answers. Vendors can provide guidance, but be careful as to not allow them to influence the policy in such a way that your organization is locked into ...
Get Writing Information Security Policies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.