Key Management. Where encryption is utilized, Convercent will maintain a key management process that meets the following minimum requirements: a. At least one key custodian must be officially designated. b. Key custodians must ensure that all keys used in a storage encryption solution are secured and managed properly to support the security of the solution. c. Key management must be planned to include secure key generation, use, storage and revocation. d. Key management practices must support the recovery of encrypted data if a key is inadvertently disclosed, destroyed or becomes unavailable. e. Key custodians must ensure that access to encryption keys is properly restricted to approved administrators. Private keys must not be stored on the same media and/or virtual instance as the data they protect. f. Authentication must be required in order to gain access to keys. g. Keys should be rotated annually and must be replaced before they expire.
Appears in 4 contracts
Samples: Master Services Agreement, Master Services Agreement, Master Services Agreement
Key Management. Where encryption is utilized, Convercent will maintain a key management process that meets the following minimum requirements:
a. 1. At least one key custodian must be officially designated.
b. 2. Key custodians must ensure that all keys used in a storage encryption solution are secured and managed properly to support the security of the solution.
c. 3. Key management must be planned to include secure key generation, use, storage and revocation.
d. 4. Key management practices must support the recovery of encrypted data if a key is inadvertently disclosed, destroyed or becomes unavailable.
e. 5. Key custodians must ensure that access to encryption keys is properly restricted to approved administrators. Private keys must not be stored on the same media and/or virtual instance as the data they protect.
f. 6. Authentication must be required in order to gain access to keys.
g. 7. Keys should will be rotated annually and must be replaced before they expire.
Appears in 2 contracts
Samples: Master Services Agreement, Master Services Agreement
Key Management. Where encryption is utilized, Convercent will maintain a key management process that meets the following minimum requirements:
a. 1. At least one key custodian must be officially designated.
b. 2. Key custodians must ensure that all keys used in a storage encryption solution are secured and managed properly to support the security of the solution.
c. 3. Key management must be planned to include secure key generation, use, storage storage, and revocation.
d. 4. Key management practices must support the recovery of encrypted data if a key is inadvertently disclosed, disclosed or destroyed or becomes unavailable.
e. 5. Key custodians must ensure that access to encryption keys is properly restricted to approved administrators. Private keys must not be stored on the same media and/or virtual instance as the data they protect.
f. 6. Authentication must be required in order to gain access to keys.
g. 7. Keys should will be rotated annually and must be replaced before they expire.
Appears in 1 contract
Samples: Master Services Agreement