Managing encryption keys and storing them securely is the cornerstone to meeting data security and sovereignty requirements. This is because encryption keys (also called cryptographic keys) are the strings of bits generated to encode and decode data. Whoever owns and manages the keys, therefore also ultimately owns the data. This is why organizations must prove they fully manage and control their encryption keys to be compliant.

Resources and Additional Information

Thales CipherTrust Manager and VMware Cloud Director Key Management Solution - Solution Brief

VMware vSphere  provides a powerful, flexible, and secure foundation for business agility that accelerates the digital transformation to cloud computing and success in the digital economy.

Resource and Additional Information

VMware vSphere Virtual Machine Security with CipherTrust Manager - Solution Brief

Vmware And Thales Deliver Secure Hyper-Converged Infrastructure Solutions - Solutions Brief

SAC using CBA for VMware vCenter Server 6.5 vSphere Web Client

Google now supports running the VMware stack in Google Cloud using the Google Cloud VMware Engine (GCVE). Now apps and workloads designed to run within VMware can be seamlessly migrated to the cloud. The combination of Google GCVE, VMware and Thales CipherTrust Manager ensures a secure path to the cloud. This joint solution simplifies migration, while adding all the benefits of the cloud, including scale, agility, lower cost, best in class security of dedicated infrastructure, and streamlined management of private encryption keys.

Resources and Additional Information

VMware Tanzu Greenplum is an open-source data warehouse that provides powerful and rapid analytics on very large volumes of data. Uniquely geared towards machine learning and advanced data science, Greenplum is powered by an advanced cost-based query optimizer delivering unmatched analytical query performance on large volumes of data. Greenplum provides flexibility and tight integration with leading analytical libraries and software stacks.

Resources and Additional Information

VMware Tanzu Greenplum Open Source Data Warehouse And Thales Vormetric Transparent Encryption Solution Brief

Delivered, sold and supported by VMware as an on-demand service, and running on dedicated, elastic, bare-metal AWS infrastructure, VMware Cloud on AWS is powered by VMware Cloud Foundation™, the unified SDDC platform that integrates vSphere, VMware vSAN™ and VMware NSX® virtualize information on the VMware technologies. With the same architecture and operational experience on-premises and in the cloud, IT teams can quickly derive business value from use of the AWS and VMware hybrid cloud experience.

Resources and Additional Information

VMware And Thales Secure The Hybrid Cloud - Solution Brief

VMware Tanzu Application Service (TAS) integrates with Thales Luna Network HSMs to provide high assurance cryptographic key protection for applications in VMware Tanzu environments. With Thales Network HSMs, organizations protect valuable keys and certificates throughout their entire lifecycle externally on a centralized platform in accordance with such compliance obligations as PCI DSS, GDPR, CCPA, NY DFS, and HIPAA. Luna Network HSMs additionally let developers accelerate cryptographic operations in their applications, and allow security professionals to audit a single point for all of their application’s cryptographic keys.

Developers can use the TAS Java Build pack to seamlessly deploy Luna Network HSMs, leaving only configuration to the application as the final step, ultimately making the addition of security straightforward and painless. Thales’ keys-in-hardware approach keeps keys within the FIPS 140-2 validated confines of the hardware appliance so they always benefit from both the appliance’s physical and logical protections. Ease-of-use aside, fundamentally, HSMs prevent unwanted access to cryptographic keys - even by third-party cloud infrastructure providers - irrespective of where applications are deployed.

Resources and Additional Information

VMware Tanzu Application Service with Thales Luna Network HSM Solution Brief

Tanzu Application Service (TAS) Credhub integrates with Thales Luna Network HSMs to secure the credentials and secrets underpinning the entire application development platform. TAS Credhub collects these credentials in a centralized manager to ease platform administration. Unfortunately, this same centralization makes it an attractive target for privileged insiders and other unauthorized users seeking access to often sensitive regulated data. To address best-practice security, and meet their compliance obligations organizations can use Luna Hardware Security Modules (HSMs) to isolate and secure these Credhub credentials, keep platform data safe, and address a customer’s relevant compliance requirements. Organizations use Luna HSMs to attain the high assurance, hardware security needed to protect their cloud services and applications running on TAS.

Resources and Additional Information

Solution Brief: Thales Luna Network HSMs Provide Key Security in Tanzu Credhub