The way we always have William McNamara is part of the GovLoop Featur Blogger program, where we feature blog posts by government voices from all across the country (and world!). To see more Featur Blogger posts, click here.Sector Datay Security.
To download the full report, head here.
An encryption key goes through a number of possible stages during its lifecycle. It must be creat, us, possibly chang and eventually dispos of. The National Institute of Standards and Technology identifies the stages as: preactivation, active, suspend, deactivat, compromis, destroy, destroy compromis and revok. Each key is us differently and might not go through each of these stages.
For example, not every key will be
keys can pass through different stages of their lifecycles in differ. Ient orders. A key might go from being active directly to deactivat, or it might ig database be suspend. And a suspe. Ind key could be reactivat or deactivat. When thousands or even millions of keys are being mana. Ig throughout the lifecycle stages it can quickly become overwhelming.
An agency might want to simplify the
Process by managing keys locally with each encryption appl. Iication or device. But this can become unwieldy and undependable, and there is risk in the size of each short video locating keys with the application. Any compromise to the application puts the keys at risk. As agencies grow in com. Iplexity and adopt encryption across a greater portion of the enterprise, they ne to move bey. Iond local key management.
The visibility into security controls
Offer by a single centraliz view lets agencies achieve ec. Inomies of scale and helps ensure policy and regulatory compliance. Enterprise secure key man. Iagement, in which keys are manag centrally across the entire lifecycle through a single pane of gla. Iss, provides this vi tg data sibility and ruces the risk of keys being compromis locally.