From Remote Endpoint STIG
Part of SRC-EPT-590 Backup and store key
Associated with IA controls: ECSC-1
If the encryption key is lost, the data will be nonrecoverable.
Interview a sampling of remote users to verify that they store a copy of the private encryption key in a secure location (e.g., floppy disk, CD, etc.). If they do not follow this procedure, ask if they were trained on this requirement and examine the sites remote user agreement or training documentation for a description of this procedure. If the user is does not have a back up of the private key, this is a finding. If users are not available for interview and this requirement is not addressed in either user training or user access agreement, this is a finding.
Develop and implement a process to ensure a backup of the encryption key is stored in a secure location.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer