Because every CA Data Protection machine has a copy of the same enterprise certificate, the security of any data transfer is at risk if the enterprise private key is compromised. If this happens, you will need to distribute a new enterprise certificate and private key to all CA Data Protection machines. As with any PKI, we recommend that you regularly replace the enterprise certificate (that is, revoke the existing certificate and issue a new one). The CA Data Protection scheme has been designed to make this as simple as possible.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|