Genesys Cloud - Main

 View Only

Discussion Thread View
  • 1.  How to decide Encryption Key rotation interval?

    Posted 11-24-2023 05:18


    I would like to discuss about how to decide Encryption Key rotation interval.

    In this Resource Center article, it says "We recommend using scheduled key rotation with a short interval."

    In the past, I remember that it said at least Yearly interval is recommemded.

    -When you implemented Genesys Cloud, which interval do you chose? How did you choose th interval?

    -If we set very short inteval like Daily, Will we have any harmful effects?


    哲朗 藤澤

  • 2.  RE: How to decide Encryption Key rotation interval?

    Posted 11-27-2023 12:26


    We have Genesys Cloud Managed Keys and chose a yearly rotation interval. We change keys across the organization yearly anyways, so it made sense to stick with that cadence. We've never had an issue when rotating keys, so I don't see why doing it on a daily interval would have any impacts. The keys are owned and managed by Genesys so there's nothing special you need to do as they decrypt them for you.

    Really, it's all up to preference. 

    • What is your risk tolerance?
    • Do you maintain sensitive customer data?
    • Talk with your decision makers or management. 
      • How would they feel about an attacker getting a year of recordings vs one day?
      • How would they feel about there being an issue with encryption keys and you can't access calls because the key was changed daily? (This should never happen, but never say never)

    Caleb Smith
    Interstate Gas Supply, Inc.

Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources