Thales Blog

Showcasing Key Management Interoperability At RSA Conference

February 21, 2013

Ashvin Kamaraju Ashvin Kamaraju | Vice President of Engineering, Strategy & Innovation More About This Author >

Key Management

The alarming growth in the number of data beaches, the need to comply with data governance regulations, and the migration of sensitive data to the cloud underscores the need to protect sensitive data. Data protection boils down to building a firewall around your data: define who has access to the data and encrypt that data. Unfortunately, many products that accomplish this manage the keys used for encryption in a closed, non-interoperable system.

In an effort to improve interoperability, last week, the OASIS international open standards consortium announced approval of version 1.1 of the Key Management Interoperability Protocol (KMIP). We are a supporter of industry standards and a member of OASIS’s technical committee, and therefore very proud to be a part of this announcement. We released our own news about this yesterday.

There are many areas where key management is required: message exchange applications, web servers, custom applications, databases, in-line encryption and data at rest. Data is growing exponentially and consequently, so is the sensitive data that must be encrypted. The challenge of key management grows commensurately with the growth in encrypted data. As a large part of the enterprise ecosystem begins to encrypt data, enterprises will benefit from an interoperable key management standard that can eliminate encryption/key management silos and reduce the overall cost of data governance.

Standards benefit customers in helping them reduce operational costs and vendor lock ins. KMIP standard version 1.1 signals the maturity of the standard: there are currently 32 vendors collaborating in the technical committee and 17 vendors who are part of the announcement.

We are supporting KMIP in our Data Security Manager, enabling interoperability with other key management servers and providing key life cycle management for encryption clients such as tape storage systems, self encrypting drives in storage arrays and file servers, and for secure transactions in the cloud.

On behalf of the entire Vormetric team, we are excited to be participating in the RSA Conference OASIS KMIP interoperability testing and demonstrating conformance to the KMIP server/client test cases. We are looking forward to meeting many of our customers and partners at Booth 3012!

Ashvin Kamaraju is Vormetric’s vice president of product development and partner management.