KMS for AWS XKS
AWS KMS has a feature called AWS XKS that allows secure communication with external encryption keys. This means that you hold your own key (HYOK). Using this solution, it’s possible to encrypt data with private external keys for many AWS services including Amazon EBS, AWS Lambda, Amazon S3, Amazon DynamoDB, and over 100 other services. It is possible to do this without requiring any modifications to the current configuration parameters or code used for these services.
Complior currently offers a KMS as a service based on Thales CipherTrust manager, protected by Thales HSM. This service is provided to our customers through secure data centers in Stockholm, Sweden.
Obtain digital sovereignty and meet compliance requirements
- Using CipherTrust manager and Cloud Key Manager (CCKM)
- Hold keys outside of AWS to align with the shared responsibility model
- Choose between industry-leading CipherTrust Manager or Thales HSM as a key source
CipherTrust Cloud Key Manager (CCKM), which is a licensed component of the CipherTrust Manager, provides key generation, separation of duties, reporting, and key lifecycle management to assist in fulfilling internal and industry data protection mandates. It is FIPS 140-2 Level 3 certified.
This solution enables organizations to:
- Manage Native, BYOK, HYOK keys across clouds from a single console, maximizing choice.
- Demonstrate compliance with privacy regulations such as GDPR, Shrems II, PCI-DSS, CCPA.
- Improve operational sovereignty to protect against internal and external threats.
- Centralize control of keys outside of cloud providers to reduce the threat surface.
- Simplify key management to increase efficiency and reduce costs.
- Speed up migration to the cloud for faster time to value.
Learn more
Blog
Hur är det nu med känsliga data i Amazon (AWS), är det ens möjligt?
Myndighetssamarbetet eSams juridiska expertgrupp har uttalat att det inte är möjligt att använda amerikanska molntjänster för känsliga data utan att riskera att de röjs, om
Blog
Unlock the Possibilities: A HYOK Solution for SaaS Companies
Introduction Today, HYOK is essential for any SaaS provider that wants to ensure the privacy and security of their customers’ data. Hold Your Own Key,
Blog
BYOK – ”Bring Your Own Key”
BYOK stands for ”Bring Your Own Key”. It is a security concept that allows organizations to retain control over the cryptographic keys that are used