Skip Navigation

Amazon Web Services (AWS) 

About Amazon Web Services

For 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud platform. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 80 Availability Zones (AZs) within 25 geographic regions, with announced plans for 15 more Availability Zones and five more AWS Regions in Australia, India, Indonesia, Spain, and Switzerland. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. 

Advanced data protection for AWS

Effective, secure cloud use involves an increasing number of decisive moments, such as when you consider using sensitive data in any cloud. You can rely on Thales Trusted Cyber Technologies (TCT) to secure your digital transformation. Thales Data Discovery and Classification, advanced encryption and centralized key management solutions give you protection and control of data stored on your premises, Amazon Web Services, and other cloud providers. Thales technology enables:

  • Avoid cloud vendor encryption lock-in and ensure the data mobility you need while you efficiently and securely spread workloads and data across multiple cloud vendors, including AWS, with centralized, independent encryption management
  • Take secure advantage of Amazon Key Management Services (AWS KMS) with a centralized key management solution that spans multiple clouds
  • Identify attacks faster with data access logging to industry-leading SIEM applications
  • Reduce or eliminate risks arising from compromised credentials with advanced encryption including privileged user access controls
  • Architect applications for the cloud with built-in security using Vaultless Tokenization with Dynamic Data Masking

Download Solution Brief


  • Data Discovery and Classification
    CipherTrust Data Discovery and Classification locates regulated data in AWS, other clouds and on-premises across many different types of data stores, include AWS block storage offerings and AWS S3. It offers a quick start with a full set of built-in classification templates with centralized operations on CipherTrust Manager. The product enables informed decision making about what and how to protect data in AWS.
  • CipherTrust Transparent Encryption

    If you’re 100% Amazon Web Services-based with stringent data security controls, or if you’re running hybrid clouds with data distributed across your on-premises private cloud, multiple cloud providers, and on AWS, you need an advanced data encryption solution. CipherTrust Transparent Encryption protects your files and databases on your premises and across multiple clouds including AWS, without any changes to applications, databases, infrastructure or business practices. You can bring your own encryption to AWS and other infrastructure- and platform-as a service providers.

    CipherTrust Transparent Encryption:

    • Protects data stored in AWS S3 buckets for any S3 data source, operating in AWS, another cloud, or on-premises, that is using S3 protocols and equipped with a Transparent Encryption agent
    • Strengthens data security with operating system-level controls against unauthorized access based on granular access policies, including user identity (including for administrators with root privileges), and process, among many others
    • Accelerates breach detection and satisfies compliance mandates with detailed file access logs, directed to your security information and event management (SIEM) system
  • CipherTrust Manager
    CipherTrust Manager centralizes key, policy and log management for CipherTrust Transparent Encryption, and is available in various hardware models for on-premises deployment, or can be instantiated as a shared AWS AMI.
  • Multicloud BYOK management

    Organizations that cannot bring their own encryption can still follow industry best practices by managing keys externally using the CipherTrust Cloud Key Manager.

    The CipherTrust Cloud Key Manager leverages cloud provider Bring Your Own Key (BYOK) API’s to reduce key management complexity and operational costs by giving customers lifecycle control of encryption keys with centralized management and visibility. The solution is available as a shared AWS AMI, or can be deployed on premises or in any supported private cloud deployment to meet more stringent compliance requirements. 

    CipherTrust Cloud Key Manager offers the following advantages:

    • Enhanced IT efficiency with multi-cloud key management
    • from a single console that offers automated key rotation and comprehensive key life cycle management
    • Safer key management practices combined with cloud benefits of scale, cost and convenience
    •  Greater control over keys—you can control key generation and storage of keys used in AWS KMS, Microsoft Azure the Google Cloud Platform Customer Managed Encryption Key (CMEK) Service and more
  • KeySecure for Government on AWS Marketplace

    Designed for U.S. Government Agencies, KeySecure for Government G350v on AWS is a virtual, centralized key management platform that supports a broad encryption ecosystem for the protection of sensitive data in databases, file servers, storage, virtual workloads, and applications across virtualized data centers.

    Additional Resources

  • KeySecure for Government and AWS KMS Integrated Key Management

    SafeNet AT ManageCMK is a reference that tool implements the integration between KeySecure for Government and AWS KMS. The ManageCMK tool is used as the secure conduit to issue commands to KeySecure for Government and AWS KMS related to the management of Customer Master Keys (CMKs). Using this solution, government agencies can leverage the encryption capabilities built into the AWS cloud while using KeySecure for Government to manage and maintain ownership of their encryption keys. AWS Key Management.

    Additional Resources


This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.