Your encrypted data is only as secure as your encryption keys. A strong encryption key management strategy is essential for a comprehensive security policy, as well as meeting compliance requirements. Attendees of this presentation will learn:
- Principles and best practices for encryption key management including key management, key storage, secure key retrieval, key escrow, key mirroring, industry standards, compliance guidelines, and system audit
- Why certifications are important for meeting compliance regulations such as PCI-DSS and HIPAA/HITECH
- How key management systems work and how to evaluate vendor solutions.
This is a non-technical session but will be of value to developers and implementers. Attendees will learn the core principles of effective and secure encryption key management. These principles can be used in developing in-house key management solutions or in evaluating vendor solutions.
What you'll learn:
- What is encryption key management and why is it important?
- Principles of industry-standard key management
- Industry must-haves for effective key management
- Challenges of home grown key management solutions
- Important certifications for meeting compliance and evaluation vendors