Encryption Key Management Standards

Definition:

Encryption Key: A piece of information used to encode or decode data with a cryptographic algorithm.

Management:

Encryption Keys and their backups must be:

  • handled in a manner that permits properly designated University officials (Internal Audit, Information Security, and/or Campus Police) prompt access to all data, including for purposes of investigation and business continuity
  • physically secured when stored or transmitted offline
  • stored or transmitted separately from the data protected by the encryption key
  • retained for the lifetime of the data being protected.

Approved by the Chief Information Officer, February 24, 2011.