4 managing data encryption license keys, Data encryption license key creation workflow, Creating data encryption license keys – HP StorageWorks XP Data Integrity Check XP Software User Manual
Page 17: Back up, Back up secondary data
4 Managing data encryption license keys
This chapter provides information on how to manage data encryption license keys. Managing the
keys includes ensuring availability of keys and accessibility to the encrypted or decrypted data.
Manage data encryption license keys using the EDKA feature in the P9500 storage system.
You must have the Security Administrator (View & Modify) role to manage data encryption license
keys.
Data encryption license key creation workflow
Create a data encryption license key to use with the EDKA feature.
Use the following process to create a data encryption license key:
1.
Create the data encryption license key or group of keys.
For more information about creating keys, see
“Creating data encryption license keys”
.
2.
Back up a secondary data encryption license key.
Schedule regular backups of all of your data encryption license keys at the same time one
time every week to ensure data availability.
For more information about backing up secondary keys, see
encryption license key workflow” (page 17)
.
Creating data encryption license keys
If you need to change a data encryption license key, create a new data encryption license key.
You can create up to 32 data encryption license keys per storage system. Keep at least two keys
unused at all times so that you can change an existing key.
1.
In the Administration tree, click Encryption Keys.
2.
In the top window, click the Encryption Keys tab.
3.
In the Encryption Keys table, select an unused key ID to use as the new data encryption license
key and then complete one of the following:
•
Click Create Keys.
•
Click Settings > Security > Encryption Keys > Create Keys.
4.
In the Create Keys window of the Create Keys wizard, click Finish.
5.
In the Confirm window of the Create Keys wizard, complete the following and then click Apply:
•
Confirm the settings.
•
For Task Name, type the task name.
•
(Optional) Select Go to tasks window for status to open the Tasks window.
The new data encryption license key is created.
Back up secondary data encryption license key workflow
The P9500 storage system automatically creates a primary backup of the data encryption license
key. Back up a secondary data encryption license key.
CAUTION:
Securely store the secondary backup data encryption license key. Include this process
in your corporate security policy.
If the primary data encryption license key becomes unavailable and a secondary backup data
encryption license key does not exists, the system cannot decrypt encrypted data.
Data encryption license key creation workflow
17