Microsoft Azure offers convenience and cost savings. However, you still need to follow security, privacy and compliance rules, as well as best practices, for protecting data. Further, you need rapid data mobility across all clouds you currently use and those in your future, a need which can be compromised with cloud-vendor-specific encryption solutions.
Advanced Encryption with Comprehensive Azure Key Management
Thales Trusted Cyber Technologies (TCT) advanced encryption and centralized key management solutions give you protection and control of data stored on your premises, Microsoft Azure, and other cloud providers. Thales TCT technology enables you to:
- Avoid cloud vendor encryption lock-in and ensure the data mobility you need while you efficiently and securely spread workloads and data across multiple cloud vendors, including Microsoft Azure, with centralized, independent encryption management
- Take secure advantage of Azure Key Vault with a centralized key management solution that spans multiple clouds
- Identify attacks faster with data access logging to industry-leading SIEM applications
- Reduce or eliminate risks arising from compromised credentials with advanced encryption including privileged user access controls
- Architect applications for the cloud with built-in security using Vaultless Tokenization with Dynamic Data Masking
Bring Your Own Encryption
If you’re 100% Microsoft Azure-based with stringent data security controls, or if you’re running hybrid clouds with data distributed across your on-premises private cloud, multiple cloud providers, and on Microsoft Azure, you need an advanced data encryption solution. CipherTrust Transparent Encryption protects your files and databases on your premises and across multiple clouds including Microsoft Azure, without any changes to applications, databases, infrastructure or business practices.
CipherTrust Transparent Encryption:
- Strengthens data security with controls against unauthorized access based on granular access policies, including user identity (including for administrators with root privileges), and process, among many others
- Accelerates breach detection and satisfy compliance mandates with detailed file access logs directed to your security information and event management (SIEM) system
- Delivers a fast return on investment with a non-intrusive, flexible implementation. Encryption agents operate on Azure compute instances or any other server accessing storage, protect Azure Disk and Azure Files, and are available for many Windows versions and Linux distributions
CipherTrust Manager
CipherTrust Manager centralizes key, policy and log management for CipherTrust Transparent Encryption, available in various hardware models for on-premises deployment, or can be instantiated in the Azure Marketplace.
Bring Your Own Key
Organizations that cannot bring their own encryption can still follow industry best practices by managing keys externally using the CipherTrust Cloud Key Manager.
The CipherTrust Cloud Key Manager leverages cloud provider Bring Your Own Key (BYOK) API’s to reduce key management complexity and operational costs by giving customers lifecycle control of encryption keys with centralized management and visibility. The solution is available on the Microsoft Azure Marketplace, or can be deployed on premises or in any private cloud deployment to meet more stringent compliance requirements.
CipherTrust Cloud Key Manager offers the following advantages:
- Enhanced IT efficiency with multi-cloud key management from a single console that offers automated key rotation and comprehensive key life cycle management
- Safer key management practices combined with cloud benefits of scale, cost and convenience
- Greater control over keys—you can control key generation and storage of keys used in Microsoft Azure, Azure Government, AWS KMS, the Google Cloud Platform Customer Managed Encryption Key (CMEK) Service and more
Resources
Image | Title | Link |
---|---|---|
CipherTrust Encryption key management solutions for Microsoft® SQL Server® and Oracle® Database Solution Brief | ||
CTO Sessions On Demand: Protecting Your Data in Their Cloud | ||
CTO Sessions Webcast: A Guide to BYOK and HYOK for AWS, Azure, Google, Oracle and More | ||
Microsoft Azure Advanced Data Protection Solution Brief | ||
Thales TCT Luna Hardware Security Solutions for Microsoft Certificate Services | ||
Votiro + Office 365 Solution Brief | ||
White Paper: Best Practices for Cloud Data Protection and Key Management | ||
White Paper: Best Practices for Secure Cloud Migration | ||
White Paper: The Case for Centralized Multicloud Encryption Key Management |