Thales News Release

Thales Advances High Assurance Enterprise Key Management With KeyAuthority 3.0

December 15, 2011

Field-Proven, Security-Hardened Key Management Appliance Delivers Robust High Availability

Thales, leader in information systems and communications security, announces keyAuthority 3.0 – combining high availability and hardened security to deliver a field-proven high assurance key manager. keyAuthority enables organizations to manage their ever-increasing number of encryption keys with confidence that they will not become lost, stolen or unavailable. This simplifies data loss prevention, accelerates regulatory compliance and facilitates auditing of security controls.

keyAuthority is an easily-deployed key management solution that consolidates and automates the management of encryption keys across multiple classes of encryption devices. The high availability appliance together with automated key replication gives controlled and continuous access to keys, ensuring that business continuity and data recoverability requirements are met. The attack-resistant, hardened security ensures that sensitive key data is protected from compromise. Centralized key lifecycle management unifies and automates administration of multiple classes of encryption devices, and market-leading scalability of up to 25 million keys and thousands of managed devices enables organizations to confidently deploy a consistent global solution. The appliance supports a standards-based approach as well as legacy interoperability with leading data storage products and encryption devices.

“As a pioneer in storage encryption, IBM provides an integrated layer of hardware storage security that helps organizations meet the stringent internal and external privacy compliance mandates that require strong protection of stored data,” says Marc van Zadelhoff, VP Strategy and Product Management, IBM Security Systems. “For clients that require a truly high-assurance key management solution we chose to partner with Thales. Not only is keyAuthority a well proven platform that fully satisfies those stringent requirements, it is also highly complementary with IBM Tivoli Lifecycle Key Manager (TKLM), giving customers a choice of deployment models and assurance levels.”

“Protecting our data from various external and internal risks, protecting integrity and confidentiality of our data is of utmost importance to LGT to maintain the trust and confidence of our customers,” says Rolf Künzler, chief technology officer at LGT Financial Services AG. “The best way to guarantee that our encryption keys will never be lost or stolen is to protect them in a hardened, independently certified appliance. As a user of IBM storage encryption, we were able to deploy Thales keyAuthority 3.0 to meet our needs for a high assurance key manager – both to protect our encryption keys and to ensure that those keys are always available, a critical business continuity issue when encrypting data archives and backups.”

“Encryption is rapidly becoming a ubiquitous security technology, but the management of those encryption keys remains the dominant deployment challenge. The process of encryption shifts the attacker’s attention from the data itself to the keys that protect it. Similarly the inability to access encryption keys when that data needs to be accessed renders that data inaccessible – negating all efforts to establish high availability for that data. This puts the process of key management under an operational and security spotlight,” says Franck Greverie, Thales vice president in charge of information technology security activities. “The prevalence of data privacy requirements such as PCI DSS has highlighted the key management challenge, most prominently in the storage market; but there is no question that ultimately this is an enterprise-wide issue. Thales is proud to be at the centre of that revolution both as a technology provider and also as one of the original co-authors of new key management standards (OASIS KMIP) that will help unify the often proprietary and silo-oriented approaches to key management.”

keyAuthority, previously known as Thales Encryption Manager for Storage (TEMS), was originally launched in 2008 and is designed to meet FIPS 140-2 Level 3 – the most widely adopted security benchmark for tamper-resistant cryptographic solutions in government and commercial enterprises. Independent certification of a product’s security properties is vital in order to provide customers with a high level of confidence and auditors with tangible benchmarks with which to assess these critical security components.

keyAuthority is available immediately from Thales and Thales authorized channel partners.

  • keyAuthority product page
  • keyAuthority datasheet
  • Key Management for Dummies Guide
  • Thales Key Management Insights blog for overviews of key management issues, industry news and comment