CipherTrust Application Key Management

CipherTrust Application Key Management (CAKM) is an enterprise-grade encryption key management product designed to securely handle cryptographic keys used by database encryption technologies such as Oracle Transparent Data Encryption (TDE) and Microsoft SQL Server EKM. CAKM operates with CipherTrust Manager and the CipherTrust Data Security Platform-as-a-Service (CDSPaaS) to externalize and centrally control encryption keys that would otherwise reside on database servers. It encrypts Data Encryption Keys (DEKs) with a Master Encryption Key (MEK) stored separately, ensuring that data-at-rest remains protected even if database files are compromised. CAKM supports encryption with minimal impact on application performance and requires no changes to existing applications while enforcing separation of duties among administrators.

CipherTrust Data Security Platform delivers unified data protection by integrating data discovery, monitoring, protection, and control into a scalable solution. It identifies sensitive data across cloud, on-premises, and hybrid systems, continuously monitors usage and risk, applies strong encryption, tokenization, and key management, and enforces granular access controls. This holistic methodology helps organizations reduce exposure, strengthen compliance, and maintain consistent security policies while simplifying administration and safeguarding critical information throughout its lifecycle.