Re: Oracle Advanced Security

  • From: David Robillard <david.robillard@xxxxxxxxx>
  • To: Job Miller <jobmiller@xxxxxxxxx>, Mary Sciuto <Mary.Sciuto@xxxxxxxxx>
  • Date: Mon, 25 Jun 2012 07:12:30 -0400

> use a hsm and your keys dont end up lost, unless the hsm eats them.

Excellent piece of advise.

We used HSMs from SafeNet to store the keys of our PKI's CA.
These devices are not cheap, but if your organization is ISO 27 001 or
is expected to comply with several security regulations in your
country, then they are quite inevitable. Make sure you have two of
them at the very least. Because you will need one to test your
procedures. And those procedures can be quite a challenge to put
together. Well, actually I think the amount of paper work related to
these systems might even be bigger then the actual work required to
get them up and running!

Have fun,


Other related posts: