Organizational Leadership – Global Public Key Infrastructure
C200 – Managing Organizations and Leading People – Task 1Matthew Hurley – Student ID: 000274445Western Governors University[pic 1]A.1. Global Public Key Infrastructure is an organization that provides public key infrastructure (PKI) support to networks around the world. Worldwide organizations are required to protect their networks using this technology and must follow strict guidelines laid out by the National Security Service in Instruction No. 1300, “Instruction for National Security Systems Public Key Infrastructure X.509 Certificate Policy under CNSS Policy No. 25” (CNSS, 2014). Global Public Key Infrastructure handles this responsibility for these organizations by building the infrastructure and providing sustained support.So, what is a public key infrastructure (PKI)? A public key infrastructure allows for the secure transmission of data over networks like the internet. PKI uses the exchange of digital cryptographic keys, by people and equipment, to provide confidentiality, integrity, and non-repudiation. By using these cryptographic keys, a public key infrastructure also provides authentication by identifying the source and intended destination of all data, and prohibits all others from intercepting that data. These keys are created, distributed, managed, and destroyed, by a hierarchy made up of equipment (Certificate Authority), software, policies, and people in trusted roles.[pic 2][pic 3]
Global Public Key Infrastructure is divided into four sections made up of full-time employees and contractors; Leadership, Policy and Plans, Systems Administrators, and Trusted Roles. Below is a brief description of what is required of each section:Leadership consists of one Chief Information Officer (CIO) and six regional PKI Leads. The PKI leads define the requirements within their regions and, after CIO approval, prioritize and assign the work to be performed by the Trusted Roles. The Policy and Plans section uses the X.509 Certificate Policy to develop standard operating procedures, training, and audit policies. Systems Administrators maintain the equipment (Certificate Authority server) that holds the keys and troubleshoot compatibility issues between applications and systems. Trusted Roles are responsible for determining the need for keys to be generated and for vetting systems and individuals. Trusted Roles include the following:Trusted Agents interact with the users directly to gather information and issue keys once they are received from the Local Registration Authority or Registration Authority. Local Registration Authorities register users using information received from the Trusted Agents and generate the actual certificates (keys). Registration Authorities can do everything a Local Registration Authority can do, but they also have the ability to revoke and recover keys.A.2. Global Public Key Infrastructure’s leadership starts with the CIO, Mr. Bill More. Bill is young, experienced, and provides a large range of knowledge both on the functional and business sides of the company. Using the Five Practices of Exemplary Leadership Model (Posner, 2003), by James Kouses and Barry Posner, it is easy to see why Bill is so good at what he does. Bill clearly uses the five practices and ten commitments to bring everyone together. It is easy for employees to “buy-in” to a process that is well organized and proven. [pic 4][pic 5]