TDT> I don't feel confident enough in my own knowledge of
TDT> cryptography/security to be sure that I've made the right decision on a
TDT> vault system for myself, let alone be confident in what I'm recommending
TDT> to my users who may have different requirements than my own.
One big thing, IMHO, is to keep it where other people can't get at it in
the first place. The encryption is so that if someone steals your
database, they still can't (or at least can't easily) use it; but first
and foremost, you should be taking steps to make it hard for them to steal
your database. Keep it on a system that other people can't log in to, make
it non-world-readable, etc.
(Same goes for things like SSH keys, SSL certs, etc.)
-Josh ([email protected])
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
