Entrust has announced a new offering to help companies better manage encryption keys. KeyControl as a Service (KCaaS) provides a cloud-based unified dashboard that provides visibility, traceability, compliance tracking, and an audit trail of keys and secrets.
KCaaS also automates key storage, backup, distribution, rotation, and revocation. It features a decentralized vault architecture, which ensures that keys don’t leave their designated vault except to move to authorized endpoints.
It supports several use cases, like Key Management Interoperability Protocol (KMIP), Bring Your Own Key and Hold Your Own Key deployments, secrets managements, privileged account session management, tokenization, and database protection.
Other benefits include continuous tracking of keys and secrets against compliance standards, the ability to support millions of keys/secrets, and risk assessment and scoring.
According to Entrust, KCaaS is FIPS 140-2 Level 1 certified, but for companies needing higher levels of assurance, it can be integrated with a FIPS 140-3 and Common Criteria EAL4+ certified Entrust nShield Hardware Security Module (HSM) to provide an extra layer of security.
“When it comes to cloud data security, the ability to create, use, and control encryption keys in the cloud is vital,” said Bhagwat Swaroop, president of digital security solutions at Entrust. “As such, organizations are increasingly turning to cloud-based, as-a-service solutions to fulfill their cryptographic security requirements either in addition to or as a replacement for traditional on-premises solutions. Entrust KeyControl as a Service is designed specifically to help address the challenges of securing data everywhere − including in the cloud − and managing the keys and compliance in a heterogeneous and interoperable way.”