What is encryption key management?
Encryption key management is the administration of tasks involved with protecting, storing, backing up and organizing encryption keys.
High-profile data losses and regulatory compliance requirements have spurred a dramatic increase in the use of encryption in the enterprise. The problem is that a single enterprise might use several dozen different and possibly incompatible encryption tools, resulting in thousands of encryption keys -- each of which must be securely stored, adequately protected and reliably retrievable.
There are a number of encryption key management standards efforts underway. IEEE is developing P1619-3, a data storage key management standard. In addition, Brocade, Cisco Systems Inc., EMC, Hewlett-Packard (HP) Co., IBM Corp., LSI Corp., NetApp, Seagate Technology and Thales e-Security recently submitted a standard called the Key Management Interoperability Protocol (KMIP) to the Organization for the Advancement of Structured Information Standards (OASIS).
Vendors of encryption key management products include Entrust, NetApp (Decru), PGP, Protegrity, RSA (EMC), SafeNet (Ingarian), Thales, Venafi, Vormetric and WinMagic.