CipherTrust Cloud Key Management
Industry best practices as defined by the Cloud Security Alliance (CSA) require that keys be stored and managed outside of the cloud service provider and the associated encryption operations . Cloud Service Providers (CSPs) can comply with best practices by offering Bring Your Own Key (BYOK) or Hold Your Own Key (HYOK) services to enable customer control of the keys used to encrypt their data. Customer control of the keys allows for the separation, creation, ownership and control, including revocation, of encryption keys or tenant secrets used to create the keys.
CipherTrust Cloud Key Management (CCKM) increases efficiency by reducing the operational burden—even when all of the cloud keys are native keys. Giving customers lifecycle control, centralized management within and among clouds, and visibility of cloud encryption keys reduces key management complexity and operational costs. Customers report that they stepped away from managing keys across a heterogeneous environment and invested in CCKM to enable them to move securely to the cloud—and their cloud use is growing exponentially, reducing management overhead and the potential for security holes.