Date & Time:  Tuesday 7 August 2007 10:15 AM

When you combine security and privacy requirements on information with the need to cost effectively manage it through its lifetime - a number of interesting challenges emerge. This session will focus on best practices for managing information while protecting its security and respecting privacy. In particular when data is encrypted the disciplines for key management, search, and indexing require careful planning and implementation. In addition long term retention of data and the use of service providers adds difficulties to maintaining access while protecting the confidentiality and integrity of the data.

At the end of this session you should understand:

1. What are the issues for key lifecycle management as they relate to information lifecycle management including retention of the keys, revocation of the keys, secure data disposal and the relationship of key access to information access control
2. What are the techniques available and best practices for maintaining access to data over its lifecycle while protecting confidentially and integrity of the data
3. What planning should you be doing to prepare for security implications for your information lifecycle implementation

Instructors

• Gordon Arnold, Sr. Technical Staff Member, IBM