Enterprise Key And Management Policy In Senthara Health Care
The final step in this project requires you to use the information from the previous steps to develop the Enterprise Key Management Policy. The policy governs the processes, procedures, rules of behavior, and training for users and administrators of the enterprise key management system.
Research similar policy documents used by other organizations and adopt an appropriate example to create your policy.
Review and discuss the following within the policy:
digital certificates
certificate authority
certificate revocation lists
Discuss different scenarios and hypothetical situations. For example, the policy could require that when employees leave the company, their digital certificates must be revoked within 24 hours. Another could require that employees must receive initial and annual security training.
Include at least three scenarios and provide policy standards, guidance, and procedures that would be invoked by the enterprise key management policy. Each statement should be short and should define what someone would have to do to comply with the policy.
Note: In-text citation and time of deliverable is very important.
Enterprise Key and Management Policy in Sentara Health Care
Name
Course
Date
Processes and Procedures
Any digital signature made with a revoked certificate is invalid and when a signature is validated, one should check the status of the certificate by making queries about any past revocation. Confidential information is identified and encrypted against access from unauthorized persons the sensitive information is transmitted to those who have been granted access. Thus, when employees leave the organization, there is revocation of the digital certificates within 24 hours. Establishing that there is key synchronization is crucial to protect the security of the keys and the systems. Furthermore, generating strong keys will go ahead when approved algorithms are used and this will be followed by secure key distribution.
Rules of behavior
There is restricted access to cryptographic keys, and the employees are expected to follow this based on whether they are allowed access. Users are to use the keys without revealing information to third parties and if the key is compromised or believe there has been compromise they should report this (Rezai, Keshavarzi & Moravej, 2016). The users of the cryptographic keys must ensure that the keys contain the right information and where possible look into whether the relevant information is documented. When using the key management system still emphasize the need to focus on confidentiality, integrity, availability and authentication to protect information security.
Training within the enterprise key management system
To handle the keys, the employees are trained and those trusted are allowed access to different components of the key. As the employers have a better understanding of the key management system, when they are trained those who handle will better placed to handle the keys. The users adapt to the key management techniques when there is training and can follow guides on key management system as there is ease of use.
Digital...
👀 Other Visitors are Viewing These APA Essay Samples:
-
Malicious Network Activity, Overview of the Network Structure
7 pages/≈1925 words | 6 Sources | APA | IT & Computer Science | Research Paper |
-
Joint Network Defense Bulletin: The Financial Services Consortium
1 page/≈275 words | 2 Sources | APA | IT & Computer Science | Research Paper |
-
Mobile Application Threat Modelling
8 pages/≈2200 words | 8 Sources | APA | IT & Computer Science | Research Paper |