Share
Explore BrainMass

Encryption keys/Global Internet Policy

What do you think about encrypted keys?
Private corporate data is often encrypted using a key, which is needed to decrypt the information. Who within the corporation should be responsible for maintaining the "keys" to private information collected about consumers? Is that the same person who should have "keys" to employee data? Should there be a global Internet privacy policy?
Just trying to get ideas to start another discussion

Solution Preview

The National Institute of Standards and Technology (NIST) manages encryption algorithm standards and has created recommendations for encryption key management. Typically the chief information officer is responsible for maintaining the keys to private information collected about consumers. This task may be delegated, based upon a careful review of employee ability, loyalty, and dedication. The text points out that information guidelines must come from above, for instance, from the CEO, CFO, etc.

It is better for the corporation to mitigate risk by having ...

Solution Summary

This solution discusses use of encrypted keys, who should be responsible for maintaining keys, and if that same employee should have keys to employee data. It also discusses if there should be a global Internet privacy policy. APA formatted references included.

$2.19