Strong Encryption Key Security
CipherTrust Cloud Key Manager leverages the security of either the Vormetric Data Security Manager or Thales KeySecure to create keys and securely store them. Keys sourced by the solution are always available to mitigate accidental key deletion in cloud consoles. You control full key metadata control during upload and for keys in use.
True Multi-Cloud Support
With support for Amazon Web Services, Microsoft Azure, Microsoft Azure Stack, Microsoft Azure Germany and China national clouds, IBM Cloud, Salesforce.com and Salesforce Sandbox, CipherTrust Cloud Key Manager keeps you in control of encrypted data across multiple clouds from a single pane of glass, including across multiple accounts.
Automated Key Rotation
With the click of a button or an API request, keys are marked for automated key rotation on a per-cloud schedule. From then on, CipherTrust Cloud Key Manager performs key rotation automatically with comprehensive logging for IT efficiency and enhanced data security. Key Rotation may be specified for keys without expiration dates, or specifically for keys to be rotated prior to their expiration dates.
Comprehensive Key Management
Deploy CipherTrust Cloud Key Manager with any number of keys already created at your cloud provider. It will synchronize its key database with your provider’s. Key attributes such as expiration rules and usage options are all maintained.
Federated User Access to Key Management
Each cloud service login is authenticated and authorized by the service provider - CipherTrust Cloud Key Manager includes no login data base nor requires AD or LDAP integration. Granular key usage authorization ensures that users see only permitted keys.
The Compliance Tools You Need
CipherTrust Cloud Key Manager has the full range of logs and reports you need for fast compliance reporting, including a per-cloud operational logs and a range of pre-packaged key activity reports.
Implementation Choices that Match Your Needs
CipherTrust Cloud Key Manager offers several convenient implementation choices to meet your security and deployment needs:
- All-software is available with FIPS 140-2 Level 1-certified security. Both the CipherTrust Cloud Key Manager Virtual Appliance and virtual Data Security Manager or Virtual KeySecure can be instantiated in Amazon Web Services and Microsoft Azure, or deployed in any private cloud leveraging VMware.
- Customer that require FIPS 140-2 Level 3 or 2 can deploy or utilize existing Vormetric Data Security Manager or Next Generation KeySecure appliances or supported HSMs in on-premises or hosted data centers. Further both the KeySecure and Data Security Manager virtual appliances can utilize the Thales Luna Network HSM as a root of trust.