Last February, almost a year to the day, we announced the results in this blog of the OASIS KMIP 1.1 Interoperability Tests, demonstrating Thales’ commitment to supporting open standards for centralized key management. What a difference a year makes as new KMIP-ready products were announced in 2013, enabling customers to accelerate deployment of encryption across their IT infrastructure. With KMIP 1.2 now pending release a year later, Thales continues to raise the bar, helping customers make sense through a systematic approach based on best practices toward integrating applications and systems through its keyAuthority hardened appliance.
But what does this mean to enterprises and other organizations? More reliable encryption applications, more flexibility, and greater economics going forward.
The pain of deploying encryption has reached the point of critical mass. Too many applications, too many key managers—and no consistency to provide reliable controls and auditing. Thales’ annual Global Encryption Trends report published in conjunction with Ponemon highlights the pain that organizations are experiencing in discovering sensitive data and deploying encryption effectively to protect it. With the major challenge being key management, a disciplined approach is needed. And KMIP provides the glue to bring order across the enterprise.
With KMIP now in its 4th year as a standard, vendors developing new encryption applications, as well as customers looking to unify key management, now have a mature blueprint for interoperability. KMIP provides a path forward for enforcing a single set of encryption policies for each key lifecycle, while reducing the overhead of needing multiple key managers across an organization. With encryption safe harbor rules becoming more prevalent in regulatory mandates, it makes good sense that a single, central key management system to provide control attestation and clear auditing from a reliable source can benefit compliance goals.
KMIP 1.2 further advances the scope of key operations and profiles to further address use cases beyond the typical data center. As organizations start to consider cloud computing, mobile applications and virtualization environments when deploying encryption, KMIP allows the flexibility to expand key management under a consistent system. This allows a single key manager with broad support for KMIP to improve solution economics through re-use as applications scale and become more prevalent across IT.
Supporting the KMIP standard is in Thales customers’ best interests, as it allows keyAuthority users to deploy the most secure, reliable key management system rated to FIPS 140-2 Level 3 and take advantage of a wide range of KMIP-ready applications rolling out in the future. At the same time, organizations should demand that new encryption offerings from vendors support KMIP in order to provide the greatest flexibility when seeking out best of breed key management options.
This week at the RSA Conference 2014 (February 24-27), Thales will be demonstrating keyAuthority, its award-winning key management appliance, at the OASIS KMIP Interoperability Showcase (booth #1909). Conference attendees will have the opportunity to ask questions of industry experts and explore solutions for accelerating encryption across applications. Thales will also be featuring keyAuthority at its main booth (#909) where show attendees can inquire about the Ponemon survey report and latest encryption trends.