Increasing global integration affects organizations in many positive ways, but it also presents challenges. The volume of data that moves within an organization and among organizations across the globe grows dramatically with increased global integration. At the same time, increasing threats to the data from within and outside the organization, increasing regulatory requirements from governments or oversight committees, and stringent contractual requirements from business partners all challenge the organization’s ability to effectively manage their data and ensure that it is available, secure, resilient, and compliant.

Encryption is one of the ways that organizations can protect their data. This security technology requires the creation and management of encryption keys; one of the critical tasks within the overall scope of data security is managing those keys throughout their life cycle.

In this IBM® Redpaper publication we describe the challenges of key management. We provide an overview of data encryption itself and briefly discuss considerations for selecting encryption hardware and software. Then we take a detailed look at the issues related to managing and securing data encryption keys. We introduce the IBM Tivoli® Key Lifecycle Manager, and explain how it can be integrated within your existing IT infrastructure to strengthen your organization’s key management processes without adding complexity to the overall environment. In this context we describe two real-world customer scenarios to illustrate the value of this solution.

Executive overview

IBM Security Framework

IBM Security Blueprint

Data nomenclature

Key life cycle management

Customer scenarios

Summary