Key Management

The need for strong encryption key management is more critical than ever as organisations are moving huge volumes of critical data to their IaaS, PaaS, SaaS and cloud service provider environments. It is the best practice to separate keys from data as per various compliance mandates.


  • To secure key management to safeguard traditional cloud data, SaaS data and public cloud data


  • Key Management Solutions for Traditional Cloud Services: Thales e-Security partners with cloud service providers to ensure that you have control over your keys irrespective of whether you leverage a Vormetric Data Security Manager deployed in the provider's environment or you deploy your own DSM.
  • Key Management Solutions for SaaS: The company works to partner with leading SaaS providers to enable them to first encrypt sensitive data and then enable customers to bring their own keys to enhance regulatory compliance.
  • Key Management Solutions for Public Cloud Services: Thales nShield HSMs support your own key APIs offered by Amazon Web Services, Microsoft Azure, and Google Cloud Platform to address the concerns about unauthorised access of encryption and compliance violations. A single on-premises nShield HSM can be used to generate, store, wrap, and export keys to multiple public cloud providers. You can also bring your own encryption (BYOE) and manage your own keys with Vormetric Transparent Encryption running in the cloud and the Vormetric Data Security Manager operating on your premises or in the cloud.


  • Achieving security and regulatory compliance with standards such as PCI DSS, HIPAA etc
  • Gaining privileged user access controls and security intelligence
  • Bringing your own keys to public cloud providers
  • Efficient and convenient key management from a single, centralised nShield HSM
  • Maintaining flexibility to change CSPs with the help of our easy-to-use key management

Required Products:

  • Vormetric Data Security Manager
  • CipherTrust Cloud Key Manager


Get In Touch