CipherTrust Key Broker for Google Cloud EKM

CipherTrust Key Broker for Google Cloud EKM: Create and control encryption keys outside of Google Cloud

CipherTrust Key Broker is integrated with Google Cloud EKM to make it easy for organizations to follow security and key management best practices while leveraging the power of Google Cloud for compute and analytics. Organizations are able to securely create and control their own encryption keys separate from where their sensitive data is being hosted. By generating their own encryption keys using CipherTrust Key Broker, organizations can verify the origin and quality of the keys they are providing to the cloud provider, while maintaining the original version of the key outside of the Google Cloud environment. Organizations hold their master keys in a Thales Luna Cloud HSM, which acts as the trust anchor for the CipherTrust Key Broker solution. This provides a FIPS 140-2 Level 3 certified root-of-trust, and ensures separation between data and encryption keys, helping to fulfill compliance and security requirements.

Resources and Additional Information

Google EKM

Enhancing Encryption Key Control and Data Security in Google Cloud Platform - Solution Brief