Legal compliance is becoming extremely complex. There are a number of mandates that dictate how much of your data you will maintain and secure and for how long. At the core of the compliance is the need to secure your data with encryption.
Legal compliance mandates insist that your data is at risk if you have not thought through the process of “encryption key” management or instituted sufficient safeguards to ensure that the encryption key is inaccessible to those who are not authorized to access it. These mandates further point out that if you have more than one customized encryption key and these are maintained at different locations or by different people, for different storage repositories, your problems are compounded. You need to centralize key management.
Consolidated and centralized management of encryption keys makes for accelerated deployment of storage solutions. The key management life cycle beginning with pre-activation and cycling through activation, suspension, revocation, deactivation, destruction, compromise, and compromise detection can be made visible and manageable from a single interface window. Role based access controls and ownership definitions can be instituted to ensure that only authorized personnel handle the keys. Elaborate logging systems can be automated to capture, report and generate alerts (whenever required) on key handling attempts. The key management interface must be highly available and scalable with high fault-tolerance, auto-replicating capability, redundant failover capacity and optimized functionality, with low impact on performance.
Operational costs can be lowered with consolidation. All kinds of Cloud backup accounts encrypted with a single key can be managed with ease. Data records need not be lost due to unrecoverable or compromised keys. Loss of business reputation can be avoided. Compliance postures can be strengthened. Data in flight and at rest in Cloud backup repositories can work with the same encryption algorithm to provision for future portability and consolidation.
In short, encryption key management should be taken very seriously and its management must be given a top priority by the database administrator. It is fundamental to enterprise storage security. It must prevent the creation of legacy encryption islands that result in data loss and create risks for the enterprise. The solution should be automated, robust, centralized and easily deployable. It should be scalable, cohesive and adaptable to any kind of data that is transmitted to online or onsite data stores.
So, plan for the future of your data, now! Secure your data and comply with the extant legislations with practiced ease.