...
The data at rest security policy will be applicable to application business sensitive data, covering cover, the following aspects,
- encryption algorithm
- data handling policy
- data recovery policy
- key rotation policy
- key Information
...
Data handling policy will define, how the sensitive data will going to be handled, when user changes on encryption algorithm .change,
- RETAIN
- DESTROY
- DESTROY_ON_SECURITY_BREACH
...
On power recycle, followed by a network outage, the EVE node may require physical access/user intervention,
to decrypt the data vault, with the following options.
...
This will define the key rotation activation. The key rotation poilcy will be in the controller and will not be intimated to EVE.
...