Skip Navigation

Download this solution brief to learn how federal agencies can ensure that their data is properly protected through cloud-independent encryption and key management deployed in AWS, Azure, Google Cloud, and IBM Cloud environments as well as in private or hybrid cloud infrastructures. It discuses cloud security best practices including:

  • Bring Your Own Encryption (BYOE) which enables the highest level of data security in the cloud
  • Bring Your Own Key (BYOK) which add an additional layer of security to native cloud encryption

Download Now


Cloud Security Alliance's Cloud Controls Matrix states in section EKM-04 that "Keys shall not be stored in the cloud (i.e., at the cloud provider in question), but maintained by the cloud consumer or trusted key management provider. Key management and key usage shall be separated duties." Download this white paper to learn how secure and manage your encryption keys in a multicloud environment.

Download Now

Part 5 of this video series based on a recent Thales TCT webinar discusses how to secure cloud deployments.

Government agencies should focus on implementing solutions that can simplify the data security landscape and reduce complexity across multiple clouds and legacy environments, as well as modern, cloud-based digital transformation technologies. Agencies should consider data security solutions that enable protection of data moving between clouds and out of the cloud to on-premises environments and should leverage centralized security solutions that orchestrate data security across multiple cloud platforms.


The Cloud First initiative is now a reality—civilian and defense agencies are being asked to default to cloud-based solutions when possible. In order to facilitate the transition to the cloud, the Federal Government has implemented the government-wide Federal Risk and Authorization Management Program (FedRAMP) to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Download Now

Attendees of this webcast learned how to easily secure data in a virtual environment through encryption in order to:

  • Ensure compliance with regulations and security policies
  • Protect directory services and intellectual property
  • Secure data in disaster recovery sites

Download Now

Kirk Spring, President of Thales TCT, addresses the security challenges that federal agencies face when moving sensitive data to the cloud. He shares his insight into how data owners can ensure that their data is secure in any cloud environment by controlling their encryption and owning their encryption keys.


Kirk Spring, President and Board Member, Thales TCT, shares his insight with SIGNAL Media Editor in Chief Bob Ackerman about the hybrid cloud.


Securing data properly requires that customers own—and can prove that they own—their data, from inception to deletion. That means that customers—not their cloud provider—must own their encryption and encryption keys. Watch our video to learn more.


This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.