Externally Manage and Store Oracle Cloud Infrastructure Keys

Control your data and encryption keys for digital sovereignty and meet compliance requirements

  • Meet compliance mandates
  • Streamline encryption management with seamless key rotation
  • Reduce administration costs with centralized key and policy management
  • Optionally store encryption keys in FIPS 140 Level 3 hardware security module

Oracle Cloud Infrastructure (OCI) External Key Management Service (EKMS) is a new capability that allows customers to protect their data in OCI using encryption keys held inside CipherTrust Manager external to OCI.

Benefits:

  • Move critical workloads with sensitive data to Oracle Cloud Infrastructure
  • Maintain sovereign control of sensitive data
  • Gain strong key control and security

OCI EKMS with Thales CipherTrust

CipherTrust Cloud Key Management (CCKM), which is a licensed component of the CipherTrust Manager, delivers external key storage, key generation, separation of duties, reporting, and key life cycle management to help fulfill internal and industry data security mandates. FIPS140 Level 3 certification available.

Enabling Organizations To:

  • Maximize choice from a single console, manage Native, BYOK, HYOK keys across clouds
  • Demonstrate compliance with privacy regulations
  • Improve operational sovereignty to protect against internal and external bad actors
  • Reduce threat surface by centralizing control of keys outside of cloud providers
  • Increase efficiency and reduce costs by simplifying and automating key management
  • Faster time to value by speeding up migration to the cloud

CipherTrust Cloud Key Management for Oracle Cloud Infrastructure

Thales’ CipherTrust Cloud Key Management (CCKM) provides visibility and streamlined security administration. The integration of OCI External Key Management Service (EKMS) with CCKM gives organizations the ability to physically store their keys outside of OCI and use a single pane of glass to seamlessly manage the encryption key lifecycle for OCI Services and other cloud encryption solutions. OCI offers key management with integrated visibility and security to secure data in the cloud. OCI encryption combined with CCKM gives organizations seamless end-to-end security. To enable customer control of encryption keys, Thales solutions include Oracle Native Key Management, Bring Your Own Key (BYOK) and Hold Your Own Key (HYOK) Services.

CipherTrust Cloud Key Management

Amplify the benefits of your native keys. CipherTrust Cloud Key Management (CCKM) respects your choice to use native keys, while providing the opportunity to expand your key ownership models to include BYOK and HYOK. CCKM centralizes key management for Native, BYOK and HYOK cloud keys from a single browser window, across multiple clouds, regions, accounts, subscriptions, projects, applications, org ids and more.