Encryption Management

Encryption Management

We are using encryption on a daily basis and may not be aware of it. Confidentiality of digital communication has become important integral part of secure and reliable solutions. Current trends show that the use of encryption is on the rise within all industries. Are your solutions secure and ready?

Encryption Management (also known as Cryptographic Key Management) is the set of techniques and procedures that support the establishment and maintenance of keying relationships between the authorized parties.

Cryptographic Issues and Information Leakage are most common types of flaws in applications.

wordcloud-4

Most significant threats to sensitive or confidential data

54%
employee mistakes
30%
system malfunction
30%
hackers
22%
temporary workers
* based on 2019 Global Encryption Trends Study

Standards and regulations that needs encryption management

Payment Card Industry (PCI)

National Institute of Standards and Technology

Payment Services Directive (PSD2)

International Organization for Standardization (ISO)

General Data Protection Regulation (GDPR)

EMVCo (3D Secure, Secure Remote Commerce)

Sarbanes–Oxley Act (SOX)

Electronic Identification, Authentication and Trust Services (eIDAS)

Gramm–Leach–Bliley Act (GLBA)

Health Insurance Portability and Accountability Act (HIPAA)

Cryptographic key lifecycle

Each cryptographic key has its own lifecycle. It goes through the generation of keying material using random number generator, to its formal usage in application and systems, and the key is retired and logically and physically destroyed at the end of its life. This helps us to understand the status of the keys in each stage during the time and to prevent misuse, which can lead to compromise and replacement of the whole hierarchy of keys, with huge impact on the operation and business. Properly designed lifecycle has its benefits of avoiding loss of information and protecting sensitive data in each point in time.

Typical lifecycle includes

Encryption Management (also known as Cryptographic Key Management) is the set of techniques and procedures that support the establishment and maintenance of keying relationships between the authorized parties.

  • Generate

  • Distribute

  • Backup

  • Use

  • Renew

  • Rotate

  • Revoke

  • Destroy

Encryption management strategy

Planning and executing strategy is one of the biggest challenge for the successful encryption management:

Discovery and Inventory

Know where all keys reside, how to quickly identify them, and have the overall idea of the impact to the business in any case

Appropriate Technology

Appropriate technology helps us to effectively manage numbers of keys and their lifecycle, providing automation, monitoring, and reporting

Data Classification

Know which data is sensitive and how much do we need to protect the data, what are the risks and threats

Training and Awareness

Train personnel and provide enough information to employees in order to understand the purpose of encryption management

Most common deployment of encryption management

Internet communications (e.g., TLS/SSL)88%
Databases86%
Backup and archives82%
Internal networks (e.g., VPN/LPN)81%
Laptop hard drives80%
Cloud gateway76%
Email74%
Data center storage74%
File systems70%
Public cloud services69%
Private cloud infrastructure66%
Docker containers58%
Big data repositories54%
Internet of things (IoT)52%

Most common data types encrypted

Payment related data55%
Financial records54%
Employee/HR data51%
Intellectual property51%
Customer information44%
Non-financial business information25%
Healthcare information24%
* based on 2019 Global Encryption Trends Study