Key Management for the Cloud

Thales e-Security provides a unique range of encryption key management services for enterprises using IaaS, PaaS, SaaS and cloud services providers.

Key Management

As organizations move increasing amounts of sensitive data to their IaaS, PaaS, SaaS and cloud services provider environments, strong encryption key management is more essential than ever. Separating data from keys is required by many compliance mandates and meets security best practices outlined by the Cloud Security Alliance, among others.

Thales e-Security provides robust, scalable cloud encryption key management solutions that align with any cloud strategy and help ensure that the enterprise controls its own data. Our partnerships include all major players in cloud computing, and continue to grow as enterprises increase their adoption of the cloud.

Secure Key Management for Traditional Cloud Data

Enterprises enjoy numerous benefits from offloading workloads to traditional cloud services providers, such as co-location services, managed services providers and others, but still need to ensure the security of their data. Some cloud providers permit "bring your own" encryption, while others offer encryption natively. While the data encryption may occur in the cloud provider's environment, customers must maintain control of the keys that secure their data.

Secure Key Management for SaaS Data

Gartner reports that enterprises now spend tens of billions of dollars on software-as-a-service offerings, with continued growth expected. While some SaaS providers have added encryption to their increasingly powerful applications, ensuring the security of sensitive data is ultimately the customer's responsibility. This includes key management in compliance with data security and privacy mandates.

Secure Key Management for Public Cloud Data

When using public cloud services such as AWS, Microsoft Azure or others, some enterprises will send encrypted data to the cloud, while others may utilize the encryption offered by the cloud provider. Whichever approach applies to your enterprise, controlling the encryption keys is critical to maintaining control of your data.

Key Management Solutions for Traditional Cloud Services

Thales e-Security partners with leading cloud services providers to support enterprise data encryption strategies. Whether you leverage a Vormetric Data Security Manager deployed in the provider's environment or you deploy your own DSM, we work with CSPs to ensure you have control over the encryption keys.

Key Management Solutions for SaaS

Thales e-Security offers Vormetric Key Management as a Service for Salesforce Shield customers. Many SaaS providers utilize Vormetric Transparent Encryption, which can provide a unique key per customer. We work to partner with other leading SaaS providers to enable them first to encrypt sensitive data and then enable customers to bring their own keys to enhance regulatory compliance.

Key Management Solutions for Public Cloud Services

To alleviate concerns about unauthorized access to encryption keys, as well as potential compliance violations, Thales e-Security nShield HSMs support bring your own key API’s offered by Amazon Web Services, Microsoft Azure, and Google Cloud Platform. With a single on-premises nShield HSM, you can generate, store, wrap, and export keys to multiple public cloud providers.

Alternatively you can bring your own encryption (BYOE) and manage your own keys with Vormetric Transparent Encryption running in the cloud and the Vormetric Data Security Manager operating on your premises or in the cloud.

Security and Regulatory Compliance

Whatever cloud strategy you leverage - traditional, SaaS, public or hybrid - Thales e-Security helps you separate the keys from the data to ensure compliance with regulations and standards such as PCI DSS, HIPAA and others.

Gain Privileged User Access Controls and Security Intelligence

Gain distinct advantages when you bring your own encryption (BYOE) to public cloud providers:

  • Granular access controls that prevent risk of data loss due to compromised privileged user credentials.
  • Detailed security management logs that specify which processes and users have accessed protected data.

Learn more at Vormetric Transparent Encryption

Efficient and Convenient Key Management

From a single, centralized nShield HSM you can bring your own keys to public cloud providers. A web interface to Vormetric Key Management as a Service gives you control of your sensitive data in SaaS environments.

Maintain the Flexibility to Change CSPs

With Thales e-Security's easy-to-use key management, enterprises can more easily move their data to other cloud environments. When you control your sensitive data in the cloud, you can rapidly change infrastructure providers as business requirements change.

Research and Whitepapers : keyAuthority Report - Ovum

Read what industry analyst Ovum found in their technology audit of our keyAuthority enterprise key management solution.

Download

Assista a nossa demonstração interativa Explore
Agende uma demonstração ao vivo Agende
Entre em contato com um especialista Fale conosco