Thales CipherTrust Cloud Key Management for Salesforce - Solution Brief

Due to a growing number of requirements, including security and sovereignty mandates, organizations need to control their date. This is particularly challenging for enterprises using SaaS-based solutions since they do not directly manage, host, or even own the cloud-based platform containing their data. 

Managing encryption keys and storing them securely is the cornerstone to meeting data security and sovereignty requirements. This is because encryption keys (also called cryptographic keys) are the strings of bits generated to encode and decode data. Whoever owns and manages the keys, therefore also ultimately owns the data. This is why organizations must prove they manage and control their encryption keys to be compliant with many digital sovereignty and data protection requirements. 

Additionally, ensuring control over encryption keys can bolster security for SaaS-based applications in the event of a cyber-attack since the keys are stored and managed separately from the data.