Handling of a company’s encryption keys
Data loss is common news lately, and it is becoming the norm to hear about organizations losing very sensitive data. According to the Privacy Rights Clearinghouse, more than nine hundred data loss incidents were reported publicly between January 2005 and February 2008, which led to the disclosure of sensitive data relating to over two hundred and eighteen people. Equally, strict data privacy and security regulations are making it very expensive to lose such data, and it could be a huge public relations disaster if news leaks out that a company has lost its data. Encryption is simply the process of taking ordinary information and altering it into an unreadable form that no one can comprehend or draw meaning from without the corresponding key and the software that uses it. Through this method, if a company laptop or flash drive is lost outside the work environment, anyone who finds the device cannot read or access the information stored on it, as it remains safeguarded. This paper therefore presents answers to critical questions regarding the handling of encryption keys within a company.
Why the key should be available to other people in the company
There are several scenarios under which a company's encryption key should be available to other persons within the company. The first is if the chief technology officer becomes terminally ill or for one reason or another is not able to make it to the office, or even to speak in order to communicate such keys. Such situations would hold the company to ransom, forcing it to wait for the availability or recovery of the officer before it can access its sensitive data. There are also cases where the officer in charge dies, quits without notice, or even joins a criminal group and remotely accesses the company's sensitive data. In such cases, the key should be available so that other company staff can take immediate measures to further secure the information or change the keys. It would also be more costly for the company to try to recover the keys if any of the above situations happens than to have them within reach internally.
There are also cases where the chief technology officer suffers memory loss, perhaps due to a common illness, and is not able to recall the encryption keys; giving him or her monopoly access to the keys would therefore be disastrous for the company. It is also common for employees to take leave of absence or travel abroad, and in such an event an emergency may arise that demands the use of the encryption keys. Communicating the keys by email or phone would compromise the very security those keys provide for the company's resources, and the alternative of waiting for the officer to return might take time and cost the company financially.
A strategy so that the key could become available if needed but would generally be protected against casual access by people in the company.
The best strategy would be to establish a company master key alongside all the individual encryption keys. This would be a specific company account with extra features tailored to company purposes, such as policy management, password reset and the master key itself. The master key would then allow the company to decrypt all files accessible to any company user without needing access to the users' passwords. In doing this, the company can make sure that it does not at any given time lose access to its sensitive files, even in difficult scenarios such as a user quitting the company or loss of life.
If the chief technology officer is out of the office for some reason, it would obviously be difficult to access some files. However, if the company has a master key, it can simply reset the officer's access password. It would also be possible for the company administrators to decrypt the private keys of any user within the company, giving them the much needed power to re-encrypt those private keys and set new passwords. To prevent casual access by other persons, only top company administrators should have access to the master key, and there should be an escalation matrix detailing the procedure for obtaining access to it. Given the company's organization structure and user levels, it would then be easy to decide who should be given the privilege of access to the company master key.
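The dual-wrapping that this master-key strategy relies on, shown as an added example that is not part of the original paper: each user's data key is wrapped once under a key derived from the user's password and once under the company master key, so either party can recover it, and a password reset is just a re-wrap by the master-key holder. The HMAC-based wrapping construction and all function names are assumptions of this example; a real deployment would wrap with AES-GCM or a key-management service.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32

def _keystream(kek: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF keystream (illustrative stand-in for AES-GCM).
    blocks = [hmac.new(kek, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]

def wrap(kek: bytes, data_key: bytes) -> bytes:
    # Encrypt-then-MAC: nonce || (data_key XOR keystream) || HMAC tag over nonce and ciphertext.
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(data_key, _keystream(kek, nonce, len(data_key))))
    return nonce + ct + hmac.new(kek, nonce + ct, hashlib.sha256).digest()

def unwrap(kek: bytes, blob: bytes) -> bytes:
    # Check the tag in constant time before using the ciphertext; a wrong key raises ValueError.
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(kek, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered key record")
    return bytes(a ^ b for a, b in zip(ct, _keystream(kek, nonce, len(ct))))

def password_kek(password: str, salt: bytes) -> bytes:
    # The user's key-encryption key is derived from the password, so the password is never stored.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def enroll_user(password: str, master_key: bytes) -> dict:
    # One random data key per user, wrapped twice: under the user's password and under the master key.
    data_key, salt = secrets.token_bytes(32), secrets.token_bytes(16)
    return {"salt": salt, "user_wrap": wrap(password_kek(password, salt), data_key),
            "master_wrap": wrap(master_key, data_key)}

def open_as_user(record: dict, password: str) -> bytes:
    return unwrap(password_kek(password, record["salt"]), record["user_wrap"])

def open_as_company(record: dict, master_key: bytes) -> bytes:
    # The master-key holder recovers the same data key without ever learning the user's password.
    return unwrap(master_key, record["master_wrap"])

def reset_password(record: dict, master_key: bytes, new_password: str) -> dict:
    # Password reset: recover the data key via the master wrap, then re-wrap it under the new password.
    data_key, salt = open_as_company(record, master_key), secrets.token_bytes(16)
    return {**record, "salt": salt, "user_wrap": wrap(password_kek(new_password, salt), data_key)}
```

The master key itself is the single point the escalation matrix protects, so in practice it would live in an HSM or key-management service and every unwrap under it would be logged.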
The other strategy would be a common server, kept under lock and key, that stores all current encryption keys as a backup for scenarios where the chief technology officer cannot be reached. In the worst case, the company would have the option of retrieving the keys from it, and since it is under lock and key, only specific authorized people can access them. It will also be easy to trace any loss of such keys to the few persons holding access keys to the server. For security purposes, such a server would have to have remote access disabled to avoid compromise, so that any access to it has to be physical.