Properly encrypted data is essentially in a safe that no amount of dynamite will open. While it is necessary to protect a key, it is also necessary to have a process to circumvent the unavailability of a key, e.g. an employee forgetting a password or losing an authentication token.
This talk will cover the necessary basics of encryption needed to understand a more detailed review of the aspects of key management. Those aspects include separation of duties, dual control, key generation, key deployment, key protection, and key recovery.
Hoyt L. Kesterson II Hoyt is a technology expert with Terra Verde Services. He has more than 40 years of experience in information security and related technologies. For 21 years he chaired the international standards group that created the X.509 digital signature certificate, a fundamental component in digital signature and securing web transactions, He is a founding member of the ABA’s Information Security Committee and the eDiscovery and Digital Evidence Committee. A testifying expert, he has participated on ALI-ABA CLE web-casts on digital evidence and lectured on data breach at the ABA 2008 Annual meeting. He is an acknowledged contributor to a book on e-discovery and a book on digital data and the rules of evidence, both published by the ABA.