Is there a policy governing the whole lifecycle of cryptographic keys at Xoxoday?

Key access is restricted to the CTO and VP of Engineering. The Encryption policy covers the requirements for managing cryptographic keys through their whole lifecycle including generating, storing, archiving, retrieving, distributing, retiring and destroying keys.

Below is the link of the encryption policy:

Did this answer your question?