KEY MANAGEMENT AS A SERVICE

Cogito Group are experienced Key Management service providers. Since 2011, Cogito Group have offered comprehensive Key Management as a Service options. We can provide BYOK and HYOK, alongside dedicated or shared services including hardware offerings. Our offerings are designed to reduce organisational cost while improving security posture. Our key management services allow organisations to:

AVOID VENDOR LOCK IN

Vendor lock-in prevents migration from one cloud provider to another. Without a viable migration option, cloud customers become dependent on their service provider and any subsequent service changes. 

ENABLE DATA SOVEREIGNTY

Data Sovereignty refers to when an organisation in one country sends and stores data in a separate geographical location. This can become a complex legal issue, particularly in reference to cloud-based service providers.

REDUCE COST

Costs associated with Key Management can rise into the millions, from training staff in niche skill areas to setting up and adopting new systems. Cogito’s KMaaS services bring organisations cost-effective agility.

ENABLE BYOK AND HYOK

BYOK allows clients to use keys unrelated to their cloud services vendor. They can generate their own key, or use a third-party key provider. HYOK allows customers to keep their key in an on-premises service and manage all encryption and decryption with their own hardware.

KEY MANAGEMENT EXPLAINED

Hackers aren’t looking to break your encryption; they want to find your keys.

When data is encrypted, a new key is created. Keys need to be protected to ensure the means of unlocking your data remains secret.

Data encryption is classified into two types: symmetric and asymmetric. Each term refers to the respective number of keys used. Symmetric encryption uses one single key to encrypt and decrypt the data. In asymmetric encryption, a public key encrypts data and a private key decrypts it. The public key can be freely distributed; however, the private key must be kept very secure.

Key Management is the procedure of protecting keys. This involves identifying who holds the keys, how they are generated, how they are distributed, and how they are rotated.

BYOK

BYOK (Bring Your Own Key) is a method of key management that allows users to retain control of their key management. Best practice for BYOK involves customers generating keys in strong, tamper-resistant hardware security modules. The FIPS 140-2 Level 3 HSM configuration is considered by the National Institute of Standards and Technology to be the most secure.

HYOK

HYOK (Hold Your Own Key) is a method of key management that allows users to use their own on-premises hardware to perform encryption and decryption activities. Hold Your Own Key ensures that no one has access to your data without your approval.

Critical Components of Key Management Services:

Each key management service may differ slightly in its components. To keep your data safe, understanding the differences in these configurations is key. These include:

KEY STORAGE

If a company stores both your encrypted keys and encrypted data, they will be able to access this data. It is generally accepted that providers for encrypted keys and data should be kept separate to prevent them accessing your data.

POLICY MANAGEMENT

Policies can be created for encryption keys to allow a company to create, revoke, expire and remove the ability to share keys and data.

AUTHENTICATION

Authentication refers to identifying that the user who is given a key is able to use it.

AUTHORISATION

Authorisation allows users to access the data assigned to their roles and responsibilities. Best practice is to offer least privilege.

COGITO’S EXPERIENCE

SafeNet/Gemalto/Thales Luna, KeySecure, and Vormetric product lines

