Re: Encryption and Data Retention

["Ali, Saqib" <docbook.xml () gmail com>]

Hello,

Encrypting any confidential/special-handling data that leaves the
premise is a good idea. However, you need to address BC Officer's
concerns. The BCP/DRP folks are usually worried that they will not be
able to get hold of decryption keys in case of a actual disaster.
There is couple of ways to mitigate this:

a) Escrow the decryption key; or
b) Use Secret Sharing[1] (preferable)


Thanks
Saqib
1. http://en.wikipedia.org/wiki/Secret_sharing


2009/8/3 s0h0us <s0h0us () yahoo com>:
> Hi List,
> I'd like your hear your comments regarding the subject of data encryption and data retention.
> We are required to keep confidential information for a certain period of time, in some cases, for many years. This 
> information is transported (physically by courier) offsite to a "disaster recovery" office. This data isn't 
> encrypted. The Business Continuity Officer calims that in the event of a disaster or business disruption, this 
> information needs to be access very quickly so that transactions can resume and minimize business downtime. My 
> position is that any information that leaves the building needs to be encrypted, and that the likelihood of a 
> disaster is low compared to that of unauthorized information disclosure in the event something happens in transit..
> I appreciate in advance your experiences and thoughts in this matter.
>
> Thank you!
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------