1.1. This Cryptography, Encryption, and Key Management Policy outlines the procedures and guidelines for the secure use of cryptography, encryption, and key management within Wave Talent.
1.2. The purpose of this policy is to ensure the confidentiality, integrity, and availability of sensitive information and data assets.
2.1. Encryption will be used to protect sensitive information and data assets both in transit and at rest.
2.2. Strong encryption algorithms and protocols will be employed, following industry best practices and standards.
2.3. Encryption will be implemented for communication channels, such as email, file transfers, and remote access connections.
2.4. Encryption will also be applied to stored data, including databases, file systems, and backup media.
2.5. Encryption keys will be securely managed and protected to prevent unauthorised access.
3.1. Key generation, distribution, storage, and disposal will be performed following secure key management practices.
3.2. Cryptographic keys will be protected against loss, theft, or compromise.
3.3. Key management procedures will include the use of strong passwords, two-factor authentication, and secure storage mechanisms.
3.4. Key rotation and renewal will be implemented to ensure the long-term security of encrypted data.
3.5. Key recovery procedures will be established to facilitate data access in case of key loss or unavailability.