CertiVox’s breakthrough technology for secure information exchange
Encryption key management service (KMS) is complicated business, but CertiVox makes it easy. CertiVox KMS uses the standards based KMIP (key management interoperability protocol) so anything that employs encryption – from database applications to virtual machines and hardware; from smart devices to disk and tape drives – can now use a trusted and secure cloud service to employ end-to-end key management lifecycles for any kind of scenario.
CertiVox is simply better than anything else on the global market today. Why? Because our MIRACL SDK, in combination with our groundbreaking KMS, enables unbreakable security agility that keeps your data secure and protected. CertiVox solutions are especially ideal for SaaS providers, semi-conductor and smart device manufacturers who desire to build integrated key management into their solutions from the ground up.
What is Key Management exactly?
When data is encrypted, it is “locked” with a key or series of keys. What happens to those keys after encryption is key management. Key management provides the framework for creating, storing, distributing, rotating, updating, archiving and eventually retiring the keys that protect, or lock, your sensitive data. Good key management is secure, reliable and auditable. It provides the right key, in the right place, at the right time.
Is Key Management really that important?
Absolutely. Maintaining provable security posture is critical for compliance across a range of industries. US state rules in Massachusetts (MA 201 CMR 17) and California (CA SB 1386) are mandating the use of encryption to protect data. Nevada’s NV SB 227 goes even further by directing compliance for the industry, including Payment Card Industry Data Security Standard (PCI DSS) for any business that accepts credit cards. In Germany, the Federal Data Privacy Act mandates the use of encryption for storing personal data. And in the UK, aggressive action by the Information Commissioner Office (ICO) and Financial Services Authority (FSA) has made data breach notification de facto law, also mandating encryption of data for certain scenarios. Key management is an essential part of security best practices and as such is now mandated by the PCI DSS across a range of use cases.
What is the future of Key Management?
By 2013, regulations requiring the protection of data and mandatory breach notification will be the rule, not the exception. Until then, many organizations will continue to experience damaging, costly, and very public data breaches. Encryption is one of the most effective means to protect an organization’s information (and its customers’ information) to achieve their compliance and IT operations objectives.
Why is it best to outsource Key Management Services?
Keys are the foundation of all encryption-based security solutions. Managing encryption keys in a secure, yet efficient manner is serious business yet the technology behind it can internally challenge your organization’s overall data protection program. It takes just one malicious internal or external hacker who gains access to your encryption keys to unlock all of the data protected by those keys. Partnering with a reputable Key Management service provider to enable key generation, distribution, usage, expiry, revocation and updates provides you the ability to focus on what you do best: taking care of your business.
How can the CertiVox KMS help my organization?
CertiVox has the only cloud-based service on the market today that can handle your end-to-end key management lifecycle without requiring investment in software or hardware for your organization with an easy to understand SaaS based pricing model. No other Key Management provider does this. At CertiVox, we meet the needs of enterprises, OEMs and SaaS providers with a standards based compliant key management offering. From web services to hard disks, we simplify it all for you. Contact a solutions specialist today to learn how.
