Cryptography Policy template

Cryptography Policy

The objective of the Cryptography Policy and controls is to address confidential data that is at rest (including portable devices and removable media), in motion (transmission security), and encryption key standards and management.

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. REQUIRED USE OF ENCRYPTION
4. DATA AT REST
4.1 COMPANY LAPTOPS AND WORKSTATIONS
4.2 COMPANY MOBILE DEVICES AND PHONES
4.3 REMOVABLE STORAGE
5. DATA ENCRYPTION IN TRANSIT
5.1 WAN
5.2 WIRELESS NETWORK
5.3 VPN
5.4 APPLICATION PORTALS
5.5 REMOTE DESKTOP
5.6 EMAIL
6. KEY MANAGEMENT
6.1 KEY GENERATION
6.2 KEY PROTECTION
6.3 DISTRIBUTION
6.4 STORAGE
6.5 USAGE PERIODS, ROTATION AND ARCHIVAL
6.6 UPDATING AND RENEWAL
6.7 RETRIEVAL AND REVOCATION
6.8 BACKUP AND RECOVERY
6.9 RETIREMENT
6.10 DESTRUCTION
7. EXCEPTIONS
8. FINAL CONSIDERATIONS
8.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
8.2 DOCUMENT REVISION

Pages: 12

Review Cryptography Policy.

Related Products:

€1,699.00

Purchase

This bundle contains all the products listed in the Data Governance section. Take advantage of the 25% OFF when buying the bundle!

€49.00

Purchase

The objective of the Network Security Policy is to ensure the security of data transfers across Company’s networks and that an adequate level of security exists to protect the network infrastructure.

€49.00

Purchase

The objective of the Internet Access and Usage Policy is to define standards for systems that monitor and limit web use from any host within Company’s network.