Created: 28.07.2022

This is about

Key Management

  • Keys should be rotated regularly.
  • Keys should not be able to decrypt all the data.
  • Keys should not be permanently deleted at once by one person.
  • Plan for a massive availability risk by ensuring master keys are durable in the face of hardware failure or other unexpected events that may destroy a single copy of a key.
  • In case of a breach, remove access to master keys to protect the data encrypted under them.


