Thales Blog

Why centralized key management is critical in the age of digital transformation

June 25, 2020

Nisha Amthul Nisha Amthul | Senior Product Marketing Manager More About This Author >

With more cryptographic keys to protect, more value in the data being protected by those keys, and proliferating compliance requirements (including those of GDPR, PCI DSS, and many other regulations and standards around the globe) nearly every business urgently needs to address key management.

Add to this the fact that due to ongoing digital transformation within many organizations, more than 50% of all data now resides in the cloud, and nearly half of that data is deemed sensitive, according to the 2020 Thales Data Threat Report-Global Edition. But interestingly enough, only half of IT security professionals say they control the keys to their sensitive data encrypted in the cloud. Security administration is time-consuming, costly and complex, especially when implemented and administered for specific siloed systems and business units rather than across the enterprise on a single platform.

This is why Thales is committed to arming customers with the centralized key management solutions they need to address today’s data security requirements.

Don’t leave key management to chance

Manual key management processes (either developed in-house or application–centric) easily result in human errors that often go unnoticed and may leave keys mismanaged or highly vulnerable. The more diverse an infrastructure is (in terms of its data and intellectual property under protection), the more complex and error-prone manual key management becomes.

Introducing next-generation encryption key management

According to an IDC Data Security survey released earlier this year, security teams face the challenge of managing multiple key management solutions protecting structured and unstructured data. To help organizations address these challenges, Thales recently launched CipherTrust Manager, our next-generation key management solution. CipherTrust Manager provides centralized key lifecycle and policy management across a disparate set of encryption technologies (servers, storage and cloud environments) for structured and unstructured data.

In addition, CipherTrust Manager provides granular access control with separation of duties, and handles auditing and reporting of key lifecycle changes. This offers customers a simpler and stronger security solution to protect sensitive data on-premise or across multiple cloud environments.

This new solution is also integrated with a new data discovery engine and a comprehensive set of data protection connectors from Thales. These connectors discover and protect sensitive data wherever it resides. Additionally, CipherTrust Manager is built on an enterprise key management platform that is user friendly, cloud ready and API driven.

CipherTrust Manager also offers customers:

  • Centralized & simplified management: A unified management console to discover and classify sensitive data, and protect data using an integrated set of data protection connectors across on-premises data stores and multi-cloud deployments. It offers advanced self-service licensing for improved visibility and control of licenses;
  • Cloud Friendly Deployment: Integration with leading cloud service providers and virtual platforms such as AWS, Microsoft Azure, Google Cloud Platform, IBM Cloud, VMware, Microsoft Hyper-V. Additionally, native support of CipherTrust Cloud Key Manager on CipherTrust Manager streamlines key management across multiple cloud infrastructures and SaaS applications;
  • Flexible Form Factors: Customers can easily deploy both on-premise hardware appliances or flexible, high-availability virtual configurations built on the latest industry standards (including containers and microservices) across geographically dispersed data centers or cloud service providers;
  • Developer Friendly REST APIs: New REST interfaces in addition to OASIS Key Management Interoperability Protocol (KMIP) and NAE-XML APIs for developers to simplify deployment of applications integrated with key management capabilities and automate testing and development of administrative operations; and,
  • Compatibility: Compatibility with KMIP provides support for a large, growing partner ecosystem to address a broad spectrum of use cases. CipherTrust Manager also supports key storage in on-premise Thales Luna Network HSMs.

For more information on how Thales CipherTrust Manager can help you implement an enterprise-wide key management solution that can simplify operational complexity and minimize overall risks, please watch our webinar, “Are You The Keymaster? Best Practices in Encryption Key Management

Related Articles

No Result Found