Responsibilities and Considerations in Secrets Management

Contributed by Adam Yarborough
Secrets management is an aspect of information security management needed for organizations of all sizes. Small organizations may leave all the important passwords in the control of the owner, where larger organizations may have multiple teams dedicated to different facets of information security. This paper will inspect the creation and adoption of specialized roles in information security management with a focus on secrets management. There are commonalities shared between the carefully guarded recipes of a family restaurant, the intellectual property holdings of startups looking for acquisition, and classified credentials protected by nation states. Associated with those commonalities are roles and their positions in the organization structure that were created to protect confidentiality, integrity, and availability. A person may be able to easily remember a single password, like for a website, but maintaining multiple unique passwords across many sites will soon lead to either password re-use or lost credentials. The same happens with organizations of all sizes
 
This document is in PDF format. To view it click here.

Rate this article: 
No votes yet