Master Key Change Service – change your master keys and develop your procedures as you go
Many shops have implemented crypto technology and loaded master keys, but never changed those master keys. In some cases, the master keys were loaded using a passphrase. While this is a great way to get started, the simple passphrase is the key to all of your data (and anyone and everyone that knows that passphrase, knows your master keys). In other cases, the ICSF panels may have been used to load key parts, but those key parts have been lost or maybe whoever did the loading has long since moved on or retired.
In either case, changing the master keys and securely storing those key parts is highly advised.
Mainframe Crypto can help you through the process of changing the master keys and getting to a position where the master keys are documented and available when needed.
Mainframe Crypto will spend the day with you providing an educational session on the process of using the ICSF panels to perform a master key change and then we’ll walk through the process with you, step-by-step. At the end of the day, your master keys will have been changed and you’ll have the master key material that you need to reload those master keys in case of an emergency. In addition, you’ll capture the screens and document the master key change process for your unique environment.
Once you complete the master key change process document for your environment, Mainframe Crypto will review the document providing feedback on the instructions that will become part of your operational procedures.
Whether you have to load the keys in a newly installed crypto device, or have a true disaster and must load the master keys at your disaster recovery site, or a key officer leaves and you need to change the master keys on short notice – you’ll have the experience as well as the documentation to make the next exercise even easier. Contact us for details!