Encryption enablement
You can enable encryption by using USB flash drives to copy the encryption key to the system or by configuring an encryption key server.
Note: The USB flash drive method and key server method cannot be used in parallel on the same
system.
The following list of encryption key server and USB flash drive characteristics might help you to choose the type of encryption enablement that you want to use.
Key servers can have the following characteristics:
- Physical access to the system is not required to process a rekeying operation.
- Support for businesses that have security requirements not to use USB ports.
- Strong key generation.
- Key self-replication and automatic backups.
- Implementations follow an open standard that aids in interoperability.
- Audit detail.
- Ability to administer access to data separately from storage devices.
USB flash
drives have the following characteristics:
- Physical access to the system is required to process a rekeying operation.
- No mechanical components to maintain with almost no read operations or write operations to the USB flash drive.
- Inexpensive to maintain and use.
- Convenient and easy to have multiple identical USB flash drives available as backups.