Are your cryptographic keys truly safe? Root of Trust redefined for the cloud era

2021-06-17 05:30

In the digital world, cryptographic solutions use encryption keys to secure data at rest, data in use, and data in transit.

Now, you can and should encrypt the keys themselves, but then how do you protect those encryption keys? This cycle eventually ends with a root key, which is the most important key in the chain.

You need to protect your root keys in such a way that you have the highest level of confidence that they will never be compromised - this means you need a Root of Trust.

To further complicate matters, in more secure environments, you might need multiple root keys, for example for different business units or per applications, to mitigate the damage if any single key is exposed.

You need to look no further than the CLOUD Act to realize that your CSPs have immediate access to your keys and data.

Exclusive ownership of your encryption keys and signing keys.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/pcW0rWQCxsA/

#cloud #root