How Bring Your Own Key Can Provide Schrems II Compliance for AWS-Hosted Data

How Bring Your Own Key Can Provide Schrems II Compliance for AWS-Hosted Data

Companies who use Amazon Web Services (AWS) often choose to do so because of its scalability, ease of use and lower costs than other services or hosting their own data centers. However, it could bring a challenge for those in the EU who need to remain compliant with Schrems II to protect their data. Here we discuss the compliance challenges facing EU companies using AWS to host data and how Cryptomathic’s Bring Your Own Key (BYOK) Service can provide Schrems II compliance for AWS-hosted data.

Secure BYOK Service for AWS S3 Buckets

Secure BYOK Service for AWS S3 Buckets

Keeping data safe in the Cloud has always been a concern for users, hence the need for encrypting data. With more businesses taking advantage of what the cloud has to offer with cloud-based services, there has been increased focus on who should manage the keys used to encrypt and decrypt data.

This article takes a look at how Cryptomathic’s AWS BYOK Service can provide better control and auditability of key encryption keys for the Amazon Simple Storage Service (Amazon S3).

Cryptomathic’s AWS BYOK Service for Enhanced Auditability in The Cloud

Cryptomathic’s AWS BYOK Service for Enhanced Auditability in The Cloud

Many industries, including banking, finance and healthcare are required to comply with data security standards under regulations like SOC, NIST, PCI, GDPR or HIPAA. Such industries can be subject to costly penalties if they are unable to prove their compliance in the event of a security breach.

Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Here we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these three methods for protecting business-critical cryptographic keys used to encrypt data in the cloud.

Manage, Handle and Control Your Own Key in the MS Azure Key Vault

Manage, Handle and Control Your Own Key in the MS Azure Key Vault

Microsoft’s Azure Key Vault Managed HSM allows customers to safeguard their cryptographic keys for their cloud applications and be standards-compliant. It is a highly available, fully managed, single-tenant cloud service that uses FIPS 140-2 Level 3 validated hardware security modules (HSMs). Here we will discuss the reasons why customers who have a centrally managed key management system on-premises in their data center should use a hosted HSM for managing their keys in the MS Azure Key Vault.

Understanding the Concepts of Bring Your Own Key

Understanding the Concepts of Bring Your Own Key

Bring your own key (BYOK) is a popular term relating to key management for cloud applications. However, a lack of standardization makes it confusing to understand the various meanings that exist under bring your own key. To help understand this, the Cloud Security Alliance (CSA) in its document “Key Management in Cloud Services” has been helpful in describing the various meanings and concepts surrounding “Bring Your Own Key.”

Hybrid Cloud & Key Management for Financial Service Platforms: IBM's New CCA 7.0 and the Mainframe z15

Hybrid Cloud & Key Management for Financial Service Platforms: IBM's New CCA 7.0 and the Mainframe z15

In response to changing and more dynamic market demands, banks and financial institutions are turning into financial service platforms. They increase the extent of their digital transformations across the hybrid cloud, guided by three motivating factors:

Banks, Ecosystems & Service Innovation - Aligning the Crypto Architecture around MS Azure and Dynamics

Banks, Ecosystems & Service Innovation - Aligning the Crypto Architecture around MS Azure and Dynamics

This article explores the concept of financial service platforms and aligns resulting business (process) goals with the necessary crypto architecture. We have a particular look at the integration of MS Dynamics and MS Azure, as it is a rapidly growing service extension platform for many banks.

BYOK for MS Azure KEY Vault - Helping Banks Take Control of Their Keys for MS Azure, Dynamics, and Office 365

BYOK for MS Azure KEY Vault - Helping Banks Take Control of Their Keys for MS Azure, Dynamics, and Office 365

This article explores how Cryptomathic CKMS combines BYOK for the MS Azure Key Vault with banking-grade key lifecycle management; to address the concerns banks have regarding key management in the public cloud.