Enjoy the benefits of cloud knowing that your keys are secure
Streamline management of your encryption keys from multiple cloud providers with a fully managed service, hosted in Australia.
Cloud Key Management as a Service
As organisations turn to multiple cloud service providers to solve different challenges, they’re faced with new risks and added responsibilities when it comes to encryption key management. The complexity – and lack of control – is enough to make you question your cloud strategy, but there is an answer. Thales’ Key Management as a Service (KMaaS) puts you back in control and allows you to manage keys for multiple cloud deployments from a single pane of glass.
Our Key Management as a Service is hosted in Australia and supports a growing list of infrastructure, platform- and software as a service (IaaS, PaaS and SaaS) providers. Meaning you can securely manage the lifecycle of all your keys with ease and compliance.
Strengthen Key Control and Security
Data Encryption solutions from leading public cloud providers offer Bring Your Own Key (BYOK) services that enable customers to separate key management from provider-controlled encryption. Thales’ Key Management as a Service utilizes BYOK services to deliver key generation, separation of duties, reporting, and key lifecycle management. These capabilities combined with FIPS 140-2-certified secure key storage helps fulfil internal and industry data protection mandates.
Fulfil Best Practices
Separate encryption keys from data encryption and decryption operations for compliance, best practice security and control of your data. Gain operational insight on encryption key usage with dashboards, reports and logs.
Enjoy Enhanced IT Efficiency
Manage encryption keys for multiple cloud environments from a single pane of glass. Automated key rotation and federated login simplify key lifecycle management even further.
Strong Encryption Key Security
Key Management as a Service leverages the security of the Vormetric Data Security Manager to create keys and store them with FIPS 140-2 security. Safe cloud backup key storage is provided by a key escrow service for supported clouds. You control full key metadata control during upload and for keys in use.
True Multi-Cloud Support
With support for Amazon Web Services, Microsoft Azure, Microsoft Azure Stack, Microsoft Azure and Salesforce.com, Key Management as a Service keeps you in control of encrypted data across multiple clouds from a single pane of glass, including across multiple accounts.
Automated Key Rotation
With the click of a button or an API request, keys are marked for automated key rotation on a per-cloud schedule. From then on, Key Management as a Service performs key rotation automatically with comprehensive logging for IT efficiency and enhanced data security. Key Rotation may be specified for keys without expiration dates, or specifically for keys to be rotated prior to their expiration dates.
Comprehensive Key Management
Deploy Key Management as a Service with any number of keys already created at your cloud provider. It will synchronize its key database with your provider’s. Key attributes such as expiration rules and usage options are all maintained.
Federated User Access to Key Management
Each cloud service login is authenticated and authorised by the service provider. Granular key usage authorization ensures that users see only permitted keys.
The Compliance Tools You Need
Access a full range of logs and reports for fast compliance reporting, including per-cloud operational logs and a range of pre-packaged key activity reports.
Supported Cloud Providers:
- Microsoft Azure: OAuth Federation
- Salesforce: OAuth Federation
- Amazon Web Services: Key and Secret