MICROSOFT AZURE KEY VAULT

CKMS is a key management system designed to protect high-value keys for banks and other financial institutions; CKMS delivers automated key distribution to a broad range of applications.

Cryptomathic are proud to be an early adopter of Microsoft’s new Bring Your Own Key (BYOK) service announced on 29^th May 2020, and the first provider with a enterprise key-lifecycle management product.

To discuss your needs around BYOK support and the other applications of CKMS, please contact us or submit the form on this page.

Azure Key Vault and key lifecycle management with CKMS

Cryptomathic’s Crypto Key Management System (CKMS) integrates with the MS Azure Key Vault for automated BYOK. The Key Vault is the underlying central storage place for keys for applications within the MS Azure environment. Keys are stored in FIPS 140-2 compliant HSMs. 

From CKMS, a bank can securely and efficiently bring their keys for use within the MS Azure cloud environment. CKMS ensures good keys are generated and managed, independent of the cloud service provider. The same key can be made available to multiple Azure Key Vaults in different regions; to applications running on-premise and even other Cloud services providers.

See the CKMS product sheet to learn more.

HSM support

CKMS supports a choice of multiple HSM brands at its core – to ensure the quality of key material, the protection and the integrity of keys at rest and in transit.

The current version of CKMS supports HSMs from leading vendors including: nCipher (nShield), Thales (Safenet), Utimaco (CryptoServer). Additionally, Thales payShield and SafeNet HSMs can be supported as a recipient of key material.

To discuss the details of HSM support, please fill in the form on this page.