Streamline Key Management Across Multiple Cloud Services

Gain operational efficiency, compliance, and security by centrally managing multiple cloud provider encryption keys with CipherTrust Cloud Key Manager

CipherTrust Cloud Key Manager

For virtually every organization today, the adoption of multiple cloud services continues to expand—and so does the use of encryption. As the proliferation of encryption continues, so do the number of keys, and the potential risks. With the CipherTrust Cloud Key Manager, your organization can establish strong controls over encryption keys and policies for data encrypted by cloud services.

ciphertrust cloud key manager

Click Here To Access The Cloud Key Manager Portal

CipherTrust Cloud Key Manager supports a growing list of infrastructure-, platform- and software as a service (IaaS, PaaS and SaaS) providers. SaaS solutions include Microsoft Office365 users who leverage Microsoft Azure Rights Management and Salesforce Shield Platform Encryption. Supported IaaS/PaaS solutions include Microsoft Azure Key Vault and Amazon Web Services Key Management Services.

On-premises or private cloud deployment of CipherTrust Cloud Key Manager is available for customers facing the most stringent key management security mandates.

Gain Strong Key Control

Data Encryption solutions from leading public cloud providers such as Microsoft Azure, Amazon Web Services and Salesforce Shield Platform Encryption provide Bring Your Own Key (BYOK) services that enable customers to separate key management from provider controlled encryption. CipherTrust Cloud Key Manager utilizes BYOK services to deliver key generation, separation of duties, reporting, and key lifecycle management that help fulfill internal and industry data protection mandates.

Fulfill Best Practices

Separate encryption keys from data encryption and decryption operations for compliance, best security practices and control of your data. Gain operational insights on encryption key usage with dashboards, reports and logs with CipherTrust Cloud Key Manager.

Enjoy Enhanced IT Efficiency

CipherTrust Cloud Key Manager centralizes encryption key management from multiple environments. Each environment’s unique key management features and descriptive language is supported and dynamically presented in the user interface.

Comprehensive Key Management

Deploy CipherTrust Cloud Key Manager with any number of keys already created at your cloud provider. It will synchronize its key database with your provider’s. Key attributes such as expiration rules and usage options are all maintained.

True Multi-Cloud Support

With support for Amazon Web Services, Microsoft Azure and Microsoft Azure Germany and China national clouds, and Salesforce.com, CipherTrust Cloud Key Manager keeps you in control of encrypted data across multiple clouds from a single pane of glass.

Federated User Access to Key Management

Each cloud service login is authenticated and authorised by the service provider - CipherTrust Cloud Key Manager includes no login data base nor requires AD or LDAP integration. Granular key usage authorisation ensures that users see only permitted keys.

Implementation Choices that Match Your Needs

CipherTrust Cloud Key Manager is available as a service in the cloud or for on-premises deployment.

  • “As a Service” combines convenience with control required for many data security mandates. Keys are stored in a FIPS 140-2 Level 1 virtual appliance. There is no need to architect, deploy or maintain a high-availability key management solution on-premises.
  • “On Premises” allows highly regulated organizations to store encryption keys on up to a FIPS 140-2 Level 3 Common-Criteria-certified appliance, while leveraging a subscription-based pricing model.
Automated Key Rotation

Select keys for automated rotation, and CipherTrust Cloud Key Manager does the rest of the work. At intervals you choose, CipherTrust Cloud Key Manager updates the keys.

The Compliance Tools You Need

CipherTrust Cloud Key Manager has the full range of logs and reports you need for fast compliance reporting, including a per-cloud operational logs and a range of pre-packaged key activity reports.

Cloud Provider-Specific Semantics and Operations

You know that each cloud provider’s different key functionality creates complexity. CipherTrust Cloud Key Manager mitigates complexity with a common user interface experience across multiple clouds while presenting cloud service provider terminology and operations.

Supported Cloud Providers:
Key Security:
  • Cloud Service: FIPS 140-2 Level 1
  • On-Premises Service: up to FIPS 140-2 Level 3
Authentication Integration:
  • Microsoft Azure: OAuth Federation
  • Salesforce: OAuth Federation
  • Amazon Web Services: Key and Secret
Best Practices for Cloud Migration

White Paper : Best Practices for Secure Cloud Migration

Smart, centralized Cloud Key Management is only part of a broad strategy in adopting cloud services. Read this white paper to learn about Cloud Security Alliance Security Guidance v4.0 and specific customer use cases with actionable advice based on Security Guidance v4.0 to help you make real-world decisions for your secure cloud migration.

Download
CipherTrust Cloud Key Manager

Solution Brief : CipherTrust Cloud Key Manager

CipherTrust Cloud Key Manager reduces key management complexity and operational costs by giving customers lifecycle control of encryption keys with centralized management and visibility. Read the solution brief for an overview of its features, capabilities and benefits.

Download
the CipherTrust Cloud Key Manager for Multicloud Data Security

Analyst Research : the CipherTrust Cloud Key Manager for Multicloud Data Security

This Enterprise Strategy Group white paper discusses the general need for Key Management as a Service for users of multiple cloud environments, identifying many features of the CipherTrust Cloud Key Manager as critical for data control when used with cloud provider encryption.

Download

Related Products

Multi-Cloud Security Solutions

Thales eSecurity offers a range of products that can secure your data across multiple cloud providers

Learn More

Cloud Bring Your Own Key

Manage encryption keys for public cloud services from an on-premises, high-assurance hardware security module

Learn More

Bring Your Own Encryption

A potential alternative to cloud provider encryption: You can bring your own encryption to infrastructure as a service (IaaS) providers.

Learn More
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about. Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.

As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We selected Thales HSMs to provide robust security, unmatched performance and superior scalability across our payment security platforms, protecting encryption keys from virtually any attack. This helps Verifone to continue reducing merchants’ growing exposure to data breaches and cyber criminals and more aggressively safeguard consumer information… Joe Majka,Chief Security Officer

The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place. Joseph Johnson,chief information security officer CHS
My concern with encryption was the overhead on user and application performance. With Thales eSecurity, people have no idea it’s even running. Karl MudraCIO
Delta Dental of Missouri
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs. David VargasInformation Security Architect
Cadence Design Systems
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data. Audley Deansenior director of Information Security,
BMC Software
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly. Christian MuusDirector of Security for Teleperformance EMEA
Thales eSecurity is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales eSecurity. Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
Watch our interactive demo Explore
Schedule a live demo Schedule
Get in contact with a specialist Contact us