What plan do you have in place for storing master keys for things such as database encryption with sensitive information? We are opting not to use our HSM for this project, and will instead use DPAPI software encryption.
There's been a proposal of having a primary/backup of two different groups who come to the table with half the master password. Therefore, no single individual would ever know the full password.
Thoughts? What's your plan?
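
A sketch of the two-group arrangement proposed above. This is an added example, not code from the original post; it substitutes full-length XOR shares for literal halves of one password, so that one group's share on its own reveals nothing about the key. The function names, the 32-byte key size, the check-value label, and the idea that each group's primary and backup hold the same share are assumptions, and wrapping the reassembled key with DPAPI is left out.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # assumed master key size: 256 bits


def split_key(master: bytes) -> tuple[bytes, bytes]:
    """Split the master key into two shares, one per group.

    share_a is uniformly random and share_b = master XOR share_a, so either
    share alone is statistically independent of the master key.
    """
    share_a = secrets.token_bytes(len(master))
    share_b = bytes(m ^ a for m, a in zip(master, share_a))
    return share_a, share_b


def key_check_value(master: bytes) -> str:
    """Short non-secret tag recorded at enrollment to verify reassembly."""
    tag = hmac.new(master, b"master-key-check", hashlib.sha256).hexdigest()
    return tag[:12]


def combine(share_a: bytes, share_b: bytes, expected_kcv: str) -> bytes:
    """Reassemble the master key and reject a wrong or mistyped share."""
    if len(share_a) != len(share_b):
        raise ValueError("share lengths differ")
    master = bytes(a ^ b for a, b in zip(share_a, share_b))
    if not hmac.compare_digest(key_check_value(master), expected_kcv):
        raise ValueError("shares do not reassemble the enrolled master key")
    return master


def ceremony_demo() -> bool:
    """Constructed walk-through: enroll once, then recover with backups."""
    master = secrets.token_bytes(KEY_LEN)
    kcv = key_check_value(master)          # stored alongside the ciphertext
    share_a, share_b = split_key(master)
    # Assumption: primary and backup of a group hold copies of one share.
    group_a = {"primary": share_a, "backup": share_a}
    group_b = {"primary": share_b, "backup": share_b}
    recovered = combine(group_a["backup"], group_b["primary"], kcv)
    return hmac.compare_digest(recovered, master)


if __name__ == "__main__":
    print("recovered master key matches:", ceremony_demo())
```

The check value lets the two groups confirm a correct reassembly without the full key ever being written down or held by either group.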