Best Practice for Lifecycle Crypto Key Management

Organisations utilising cryptography for securing confidential information have the choice of hardware and software based solutions depending on the nature of the data in need of encryption. Arguably, the weakest link in the chain is the cryptographic keys used to encrypt and decrypt the data. This is due to the constantly increasing processing power of today’s computers and the length of time it may take to compromise the keys through an exhaustive key search. Therefore, these organisations must regularly revoke, update and distribute the keys to the relevant parties in order to reduce the risk of internal and external threats.

Many sectors, including banking and governmental, have the time consuming task of tracking and managing ever-increasing numbers of keys to ensure the right keys are in the right place at the right time. The vast amounts of keys needed for the daily operations of applications using crypto will lead to an army of administrators if the keys are managed manually. Hence, automated key management systems are now a necessity for these organisations if they are to keep on top of the workload, and reduce their admin costs.

Key management will come in many variations with some more suitable for enterprise settings while others are more scalable, designed for the huge numbers of keys as utilised in the banking industry. Different requirements need different solutions, however, there are some general issues which must be addressed if the implementation of such systems are to be successful in terms of functionality, compliance, availability and keeping costs at a minimum. A short list of best practice procedures is below:

• De-centralise encryption and decryption
• Centralised lifecycle key management
• Automated key distribution and updating
• Future proof – supporting multiple standards, e.g. PCI DSS, Sarbanes-Oxley and FIPS 140-2
• Support for all major hardware and software security modules to avoid vendor tie-in
• Flexible key attributes to eliminate paperwork
• Comprehensive searchable tamper evident audit logs
• Transparent and streamlined processes
• Base on open standards to Minimise development time when integrating new applications

With a system combining these elements, key management can eliminate many of the risks associated with human error and intentional attacks on the confidential data. It may also allow the flexibility for providing security for applications which might otherwise have been deemed too costly for cryptography.

Regardless of industry or solution an organisation may choose, the above list, at the very least, should be the cornerstone of any key management system, to not only enable a high level of security but to improve processes and provide short and long term savings.

Crypto-Prescription: How to Pretend You’Re Not Giving Advice When You Are.

Giving advice is risky business. You lose friends. You get accused of being bossy, nosey, a know-it-all, controlling. It can invite reciprocation, and, if like many of us you are better at dishing out advice than taking it in, that’s no fun. People in glass houses shouldn’t throw stones.

Fortunately, some rhetorical tricks can make our glass houses shatterproof, at least when we want to give advice to the gullible: ways to prescribe from deep cover, ways of giving advice by stealth, undetectable, at least to the unsuspecting. Here are a few, inspired by that sweepingly crypto-prescriptive and sanctimonious pop-psych best seller “A New Earth” (by Eckhart Tolle) and my conversations about it with friends who argue its case, and then when challenged, deny that it is making one.

I don’t mean to tell you what you should do, but… I can just preface my advice with a claim that I’m not giving any. This technique shouldn’t work. We all know that talk is cheap and that it’s easy to claim a motive other than the one that drives us. I could say, “I don’t mean to kick you,” and then give you a hearty boot. What would stay with you is not my declared intent but the bruise. Still, as cheap as talk is, in a pinch I can deny any intent to advise, and some will take me at my word. That should shut them up.

Look, I’m merely stating facts… We’d love a reliable recipe for right and wrong behavior. Failing that we cling to unreliable ones, including those for distinguishing between right and wrong interventions in other people’s lives-between “telling people what to do” (which sounds bad) and “sharing” (which sounds nice and generous). A lot of these have to do with word choice and sentence structure. For example, one recipe would contend that sentences in command form (“stop smoking!”) are clearly telling people what to do, whereas declarative statements (“I don’t like smoke”) or statements of fact (“Smoking one cigarette shortens average life expectancy by seven minutes”) are supposedly just sharing. Of course that’s not true. A lot of what we say isn’t in the words but the context, the timing, the situation, the voice tone, and the eyebrows. If, in the context of your smoking a cigarette, I come over, raise my eyebrows, and in a cautionary tone relay some fact about cigarettes and cancer, that’s giving advice. With the gullible, I may get away with denying it by claiming that the sentence structure means it wasn’t advice. That should shut them up.

Look, I merely said… The first two ploys illustrate a feature common among crypto-prescription ploys. Think of them as single-spaced strategies. Like single-spaced formatting, a single-spaced strategy denies any room to read and write between the lines. If challenged (“My, Jeremy, you’re awfully bossy!”) I can slide away by claiming that all the meaning was in the words themselves, as though my orchestrated tone and gesture are to be completely ignored. “Hey, don’t try to read between the lines, I merely said smoking shortens life expectancy (or whatever).” That should shut them up.

It’s all good… Broadly speaking, life can be viewed from two perspectives. One is the personal and local where I want my life to work, or more generously where I want everyone’s life to work and so seek out better strategies and actions. The other is more cosmic, the perspective of the great sweep of geological time from which our human thrivings and strivings are “all good”-the grand scheme in which they don’t mean very much if anything at all. People who couch their advice in cosmic contexts (spiritual teachers, gurus, self-help authors like me) have an opening therefore to hide their local prescriptions for how to live within a cosmic “it’s all good” cover. This is especially handy if you’re preaching one of those “don’t be judgmental” theories. It’s awkwardly hypocritical advising people not to judge. “You shouldn’t judge” has the word “shouldn’t” in it, which is judgmental. That kind of anti-advising advising calls for subterfuge, and so if I can say, “I’m not advocating anything because I surrender to the great cosmic nature of things,” I can get away with giving the advice but not having to take any guff for being hypocritical. I can avoid all debate about whether the advice is sound. As soon as someone challenges me, I can say, “Whoa, why are you getting so critical? I wasn’t giving advice. I believe in the cosmic oneness and it’s all good.” That should shut them up.

Your behavior is egomaniacal-not that that’s necessarily a bad thing… Another verbal trick is to smuggle advice into “facts” in the form of loaded terms. For example, if I said, “In fact, people get scared and start judging people when their egos are threatened. They go on the attack for ego gratification, to feel superior to their fellows,” the sentence structure is declarative, but it’s full of judgmental words. Describing people as “scared and feeling threatened” suggests that they’re weak or off-balance. “Judging people” is meant to be pejorative. (One shouldn’t judge other people, or so the judgment goes.) “Ego gratification” sounds indulgent, and “feel superior to your fellows” doesn’t sound healthy at all. Taking the loaded words into account, my target could accuse me of being highly judgmental and prescriptive, but I can deny all that because on the face of it I’ve just made an innocuous declaration of correlation. I mean, I’m not prescribing, I’m describing. What’s wrong with that? That should shut them up.

Look, you take it any way you want… Despite the dubious implications of single-spaced strategies, there’s always plenty of room to read and write between the lines of things we say. They’re open to interpretation. The meaning we take from things people say could be the intended meaning or something we read into them-it’s always a little ambiguous. It is often unclear who is responsible for a particular interpretation-did I really intend it or are the hearers reading it in? Given this ambiguity, I can smuggle in advice and then accuse people of reading it in. Indeed, with a little gesture I can point my gun barrels at their glass houses. I can act shocked at their “misinterpretation” and dismayed at what it reveals about them. “Wow, my innocuous message is sure stirring something up in you. I wonder what makes you react so inappropriately to what I said.” That should shut them up.

Look, I’m only trying to help… If all such crypto-prescripto techniques (and there are more) fail me, and someone reveals the ways in which there can be no denying that I’m giving advice, I can switch swiftly to a “well, what’s wrong with that?” approach. But I’d best do that stealthily too. It’s no good saying I’m against advice and then when pressed claiming that I’m for it. Still, I can have much the same effect under the radar, if after being cornered, I act wounded, saddened by their lack of gratitude for my generous offer of guidance. That should shut them up.

Double protecting: I can use these tricks to sneak in any kind of judgment or advice, but they have special powers when applied to judging and advising that people shouldn’t judge or give advice. Once my judgment against judgment gets a foothold of credibility in conversation, I can use it to deflect any challenges on the merits of my judgment against judgment. I can employ the theory to deflect any critique of my theory. If someone says, “Jeremy, your advice is flawed,” in addition to all these tricks that let me deny that I’ve given advice, I can also simply claim that they’re being judgmental. Double protecting a theory like this is an old trick for putting totalitarian dogmas on firm footing.

“Our faith has the power to condemn you as a sinner, and if you question our standards, that means you are a sinner for sure.”

“We’ll blacklist you if we decide you’re a communist, and if you question our judgment, then you clearly are a communist.”

“You are condemned as egomaniacal if you cast judgment, and if you doubt that this is a reasonable standard, that’s evidence enough that you are an egomaniac.

That should shut them up.

But don’t let it shut you up.

I’m an out- of-the-closet theorist in anti-theory society. I’m an evolutionary epistemologist, meaning a researcher and teacher focused on the ways we all generalize, drawing conclusions from inconclusive data, shopping among interpretations of evidence, theorizing and employing abstractions whether we know it or not. I look at how we do this stuff and how we could do it better.

I have worked in businesses, non-profits and academics. My Ph.D. is in Evolutionary Epistemology and I also have a Masters in public policy. I’ve written several e-books including “Negotiate With Yourself and Win! Doubt Management for People who can hear themselves think,” and “Executive UFO: A Field Guide to Unidentified Flying Objectives in the Workplace.” I have taught college-level psychology, sociology, Western History, theology, philosophy and English. I’m currently a research collaborator with Berkeley professor Terrence Deacon in what’s called Emergence theory: How life emerges from non-life and how things change when it does.

Spiritually, I’m a Taowinist, a cross between Tao and Darwin, meaning I think of life as a difficult open-ended tension between holding on and letting go. The path to living well isn’t through finding something eternal to hold on to or letting go of everything as some spiritualists suggest, but in managing and appreciating the tension, especially through the arts and sciences. Philosophically and interpersonally, I’m an Ambigamist: Deeply romantic and deeply skeptical.

What Might Be Next In The Economy?

Since, we don’t have a crystal ball, it is impossible to predict, accurately, the future! This is especially true, when, it comes to economic issues, including investment, real estate, interest rates, inflationary pressures, government actions, international factors, etc. What are the ramifications of inflation, recession, interest rates, Federal Reserve Bank decisions, etc? How can one, hedge – his – bet, in order to minimize unnecessary risks, while receiving a quality return, also? There is no simple answer, because so many factors, have significant influences. With, that in mind, this article will attempt to briefly, consider, examine and review potential factors, in order to help readers, have a more – complete understanding of the possibilities.

1) Interest rates: We have experienced a prolonged period of historically – low – interest rates. This has created easy money, because the cost of borrowing is so low. Both individuals and corporations have benefited, at least, in the immediate- term, permitting home buyers to purchase more house, because their monthly charges, are low, due to low mortgage rates. Corporate and government bonds, and banks, have paid low returns. It has stemmed, inflation, and created a rise in home prices, we haven’t witnessed, in recent memory. The Federal Reserve Bank has signaled they will be ending this propping – up, and will also raise rates, probably three times, in 2022. What do you think that will cause.

2) Auto loans, consumer loans, borrowing: The auto industry has been, significantly, impacted by supply chain challenges. When rates rise, auto loans and leases, will be more costly.

3) THis pattern began after the Tax Reform legislation, passed at the end of 2017, which created the initial, new, trillion dollars deficits

4) Government spending, caused by the financial suffering and challenges, because of shut downs, etc, because of the pandemic, created trillions more in debt. Unfortunately, debt must be eventually addressed.

5) Perception and attitude: The past couple of years,apparently, created a public perception, plus many fears, with a crippling economic impact.

Either, we begin to plan, effectively, and with common sense and an open – mind, many will be at – risk. Wake up, America, and demand better leadership, service and representation.

Some Dangers From Pandemic Fatigue

Open your Bible to 1 Thessalonians 4:1 it says… Finally, then, brothers, we ask and urge you in the Lord Jesus, that as you received from us how you ought to walk and to please God, just as you are doing, that you do so more and more. Go ahead and highlight that scripture.

Will you trust God to teach you in the way you should go? You need wisdom to live for His righteousness, His love and devotion to Christ Jesus. You see, you have to develop the habit of listening to God. He may give you direction you have never had before. Like what? God wants you under the influence of His Word. God wants you to live by godly principles in His Word.

God wants you to give Jesus first place! This is vital for your Christian walk! Jesus is your connection to the throne of God. You see, in this world, it is very easy to become distracted from God. Many people follow some other path apart from God’s will. But the foundation of all spiritual truth is obedience to God through the power of the Holy Spirit.

The Bible tells you to praise the Lord! He is truly worthy of worship. Love no one not even yourself – more than you love God. Every morning you should be asking God to fill you with His presence. You want to be filled by the Spirit so that you’re led by Him. You love the Word, study the Word and learn the Word. Why? To live your life to please God. His Word is true wisdom for you to walk in His instructions.

If you want to live your life to please God give His Word a place of first priority! Scriptures will come alive on the inside of you. You’re knowing God for yourself and the importance of being led by the Spirit of God. Many people won’t like the new you, but you’re not living to please people, you’re living to please God.

You don’t need people approval when you have God’s approval! You want the praise of God more than the praise of people. Quit worrying about what everyone thinks and do what God has put in your heart.

God will put a new testimony in your mouth! You may think there is a lot wrong with you, but there is also a lot right with you. God is continually shaping and molding into the person He wants you to be. Stop focusing on what you can’t do, and start focusing on what God can do.

Serve God and worship Him and continue to seek His will. How? You have to establish a passionate relationship with God’s Word. Believe His Word, trust His Word, study His Word, thank Him for His Word. But always remember the devil will do everything he possibly can to lure you away from God. The devil does not want you to grow in the knowledge of King Jesus.

Many people never seriously read the Bible! But you need to be a student of God’s Word and doer of God’s ways. Be a Christian that reads scripture and prays. The Holy Spirit won’t adjust to you, you must adjust to Him! Use your voice to worship Him and lift up the name of Jesus! Now, raise your hands and say, “I live to please God, more and more!”