data to be shared and transported safely. Again, the complexities of key management are beyond our scope, but the point should be recognized: encryption can be a logistical and management challenge.
Encrypting data while in storage is only part of the process. If you need to transport or share that data with someone, you have to consider the ways and means of maintaining that encryption during transport.
If you are physically delivering the data, the data can remain encrypted on your storage device and you can provide the key to the recipient. If you are sending it via encrypted e-mail, you will need to have a method to share a key securely with the recipient.
If you intend to provide access to the data over the Internet or a network, you will need to provide the recipient with an encrypted “tunnel” (such as VPN, virtual private network) or an encrypted Web protocol (such as SSL, Secure Sockets Layer, or what you would see as an HTTPS Web page; or SFTP, Secure File Transfer Protocol).
Again, the management, development, and logistics of creating and maintaining these controls exact a price in resources and time. The need to use these encryption controls will have to be weighed against the actual risk model that fits with the data you are protecting.
All of these systems and controls depend on being able to authenticate the identity of the person requesting access to data and to determine whether that person actually has the right to access the data. This is known as identity management, and there is a whole set of tools and protocols set up to facilitate this process. These tools and protocols rely on databases that store identifying information and authentication credentials, as well as the rights each identified entity has to certain stores of information.
Some of these identity management tools facilitate what is known as “single sign-on,” allowing a user to log in once to an organization and be authenticated via the identity management system to gain access to disparate sets of data or