Following an increased call for enhanced sovereign controls amid growing regulatory requirements, the integration enables organisations to retain control of their encryption keys when migrating their sensitive data to the AWS cloud.
Developed with Thales since its inception, the AWS External Key Store combined with CipherTrust Cloud Key Manager offers organisations looking to move critical workloads to the cloud a way to maintain sovereign control of sensitive data throughout their digital transformation journey.
“We’ve had a strong technical collaboration with Thales on the development of the AWS External Key Store specification from the very beginning, in part due to their long history of expertise developing hardware security modules and key management services,” said Ken Beer, General Manager, Key Management Service at AWS.
“The cloud has become a critical point of operation across businesses, and our combined expertise provides a way of helping organisations address specific needs and know they’re getting industry-best security controls in the process.”, Beer added.
According to the Thales 2022 Cloud Security Study, encryption is the number one choice to protect data in the cloud. However, only about one-third (29%) of respondents report total control of their keys to encrypted data in the cloud. User-controlled encryption and key management in hybrid IT are essential safeguards to enforce digital sovereignty in a modern data-driven world governed by privacy compliance mandates, regulated sectors, or general IT security recommendations such as the Shared Responsibility Model and the NIS2 Directive.
CipherTrust Cloud Key Manager ensures AWS External Key Store customers can satisfy these urgent regulatory requirements by leveraging strong encryption and data security methods that allow organisations to manage their data separately from the cloud service provider.
Such a safeguard, also known as Hold Your Own Key (HYOK), enables organisations to maintain key ownership separate from the cloud data store.
“Varying data protection regulations across countries have presented a challenge for global organisations migrating to the cloud,” said Heleen Herselman, VP AWS Powerhouse at T-Systems Cloud Service.
“The CipherTrust Cloud Key Manager simplifies this challenge and ensures we remain compliant while taking advantage of all the benefits of leveraging cloud services. The ability to lean on Thales’ solution has become especially important, as we, and other organisations, increasingly rely on multi-cloud environments.”, Herselman continued.
CipherTrust Cloud Key Manager is a multi-cloud encryption key life cycle management solution that supports all major public cloud service providers. With a marked increase in multi-cloud adoption, this solution allows users to centralise key management across all clouds.
“This is the first integration on the market to solve a major pain point for AWS cloud customers: how can they utilise protected data in the AWS cloud while retaining encryption keys outside the cloud.” said Todd Moore, VP, Encryption Products at Thales.
“As an industry leader in key management solutions, we are proud to offer an encryption solution that provides the ability to maintain external control of keys and cryptographic operations using those keys. CipherTrust Cloud Key Manager is at the forefront of advanced digital sovereignty. We’ll continue to introduce cutting-edge security and compliance features that support organisations in their digital transformation journeys.”, Moore concluded.