Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Her we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these three methods for protecting business-critical cryptographic keys used to encrypt data in the cloud.

Manage, Handle and Control Your Own Key in the MS Azure Key Vault

Manage, Handle and Control Your Own Key in the MS Azure Key Vault

Microsoft’s Azure Key Vault Managed HSM allows customers to safeguard their cryptographic keys for their cloud applications and be standards-compliant. It is a highly available, fully managed, single-tenant cloud service that uses FIPS 140-2 Level 3 validated hardware security modules (HSMs). Here we will discuss the reasons why customers who have a centrally managed key management system on-premises in their data center should use a hosted HSM for managing their keys in the MS Azure Key Vault.

Understanding the Concepts of Bring Your Own Key

Understanding the Concepts of Bring Your Own Key

Bring your own key (BYOK) is a popular term relating to key management for cloud applications. However, a lack of standardization makes it confusing to understand the various meanings that exist under bring your own key. To help understand this, the Cloud Security Alliance (CSA) in its document “Key Management in Cloud Services” has been helpful in describing the various meanings and concepts surrounding “Bring Your Own Key.”

Hybrid Cloud & Key Management for Financial Service Platforms: IBM's New CCA 7.0 and the Mainframe z15

Hybrid Cloud & Key Management for Financial Service Platforms: IBM's New CCA 7.0 and the Mainframe z15

In response to changing and more dynamic market demands, banks and financial institutions are turning into financial service platforms. They increase the extent of their digital transformations across the hybrid cloud, guided by three motivating factors:

BYOK for MS Azure KEY Vault - Helping Banks Take Control of Their Keys for MS Azure, Dynamics, and Office 365

BYOK for MS Azure KEY Vault - Helping Banks Take Control of Their Keys for MS Azure, Dynamics, and Office 365

This article explores how Cryptomathic CKMS combines BYOK for the MS Azure Key Vault with banking-grade key lifecycle management; to address the concerns banks have regarding key management in the public cloud.

End-to-end Banking-grade Key Management - From On-premise to Multi-cloud BYOK

End-to-end Banking-grade Key Management - From On-premise to Multi-cloud BYOK

In this article, we will look at integration points and explain why it is important that a key management system is able to integrate with a number of applications across various environments (in-house data centers and public clouds).

Bring Your Own Key (BYOK) to AWS Enlarges Scope of Manoeuvre for Financial Institutions

Bring Your Own Key (BYOK) to AWS Enlarges Scope of Manoeuvre for Financial Institutions

This article discusses how Cryptomathic CKMS addresses concerns that financial institutions may have regarding key management in the cloud - by bringing banking-grade lifecycle key management and BYOK to Amazon Web Services (AWS) as a hybrid-cloud banking architecture.

Bring Your Own Key (BYOK) to the Google Cloud Brings New Opportunities to Financial Institutions

Bring Your Own Key (BYOK) to the Google Cloud Brings New Opportunities to Financial Institutions

This article discusses the concerns surrounding key management for cloud environments and how Cryptomathic addresses them by bringing banking-grade cryptographic key management to the Google Cloud - in the context of a hybrid-cloud banking architecture.

Migrating Business-Critical Cryptography to the Cloud - Considerations for the Banking Sector

Migrating Business-Critical Cryptography to the Cloud - Considerations for the Banking Sector

Today, financial institutions are driven by a strategic question: How can they embrace the benefits of the cloud’s flexible and scalable on-demand services, while perpetuating a trustworthy, banking-grade level of cryptographic security?