10-step Security and Vulnerability Assessment Plan
Use this plan to ensure your information system controls are correctly implemented.
The National Institute of Standards and Technology uses the perfect analogy when it comes to the importance of proper cryptographic key management:
Keys are analogous to the combination of a safe. If a safe combination becomes known to an adversary, the strongest safe provides no security against penetration.
Keeping that combination a secret from adversaries, in this case hackers and other nefarious types, through good key management practices is the focus of the NIST Recommendation for Cryptographic Key Management document.
Users and developers of keys face many choices when it comes to choosing cryptographic mechanisms, and the wrong selection can result in an "illusion of security" when no real protection is actually in place. These NIST guidelines help businesses and other organizations make the right decisions by providing background information on cryptographic key-based security and a framework that supports appropriate choices when selecting and using cryptographic mechanisms.
Make sure your information is kept secure by establishing comprehensive procedures for generating, storing, distributing and destroying keys.