AWS External Key Store (XKS) is a new capability in AWS Key Management Service (KMS) that allows customers to protect their data in AWS using encryption keys held inside CipherTrust Manager or Luna Network HSMs external to AWS.
Benefits:
- Move critical workloads to the cloud
- Maintain sovereign control of sensitive data
- Gain strong key control and security
Obtain digital sovereignty and meet compliance requirements.
- Using CipherTrust Cloud Key Manager (CCKM)
- Hold keys outside of AWS to align with the shared responsibility model
- With CCKM’s single pane of glass, manage AWS Native, AWS CloudHSM, BYOK, and HYOK keys
- Choose between industry-leading CipherTrust Manager or Luna Network HSM as a key source
Integrate CipherTrust Cloud Key Manager with AWS XKS
Video Source: Thales CPL
CipherTrust Cloud Key Manager (CCKM), which is a licensed component of the CipherTrust Manager, delivers key generation, separation of duties, reporting, and key lifecycle management to help fulfill internal and industry data protection mandates. FIPS 140-2 Level 3 certification available.
Enabling Agencies To:
- Maximize choice from a single console, manage Native, BYOK, HYOK keys across clouds
- Demonstrate compliance with privacy regulations
- Improve operational sovereignty to protect against internal and external bad actors
- Reduce threat surface by centralizing control of keys outside of cloud providers
- Increase efficiency and reduce costs by simplifying key management
- Faster time to value by speeding up migration to the cloud