Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Bring Your Own Key: What is the Difference Between BYOK, CYOK & HYOK?

Here we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these three methods for protecting business-critical cryptographic keys used to encrypt data in the cloud.

Cloud encryption: Bring Your Own Key is no longer enough

Cloud encryption: Bring Your Own Key is no longer enough

Encryption key management systems are now essential for all companies needing to lockdown data in the cloud, says Matt Landrock, CEO, Cryptomathic Inc.

ANSI X9.24-1-2017: Key Replacement, Destruction, and Archiving

ANSI X9.24-1-2017: Key Replacement, Destruction, and Archiving

One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement, Destruction and Archiving’ within ANSI X9.24-1-2017 explains what needs to happen.

How To Regain Control Of Your Cryptographic Keys With Centralized Key Management

How To Regain Control Of Your Cryptographic Keys With Centralized Key Management

This article describes from a CISO perspective how to manage and protect security assets in large organisations, i.e. the cryptographic keys and suggests adequate procedures and systems.

2/3 of organizations with public facing vulnerable to hacker attacks

The Heartbleed security vulnerability, publicised in March 2014, received an abundance of media attention as it exposed over 1 million web servers worldwide relying on OpenSSL version 1.0.1. The bug was corrected shortly after the leak with the release of OpenSSL v1.0.1g on April 7th 2014. However, estimates suggest that around 2/3 of organisations with public-facing systems are still vulnerable to the attack.

Symmetric Cryptography in Financial Institutions: Key Management Challenges

Symmetric Cryptography in Financial Institutions: Key Management Challenges

This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what are its unbeaten advantages as opposed to asymmetric cryptography.

ANSI X9.24-1-2017: Key Loading

ANSI X9.24-1-2017: Key Loading

The ANSI X9.24-1-2017 standard defines the requirements for the loading of key components or shares, and the loading of cleartext keys. The loading of encrypted keys is described in other parts of the standard.

Cryptographic Key Management - the Risks and Mitigation

Cryptographic Key Management - the Risks and Mitigation

With the growing need for cryptography to protect digital assets and communications, the ever-present security holes in modern computer systems, and the growing sophistication of cyber attacks, it has never been more important or harder to keep your cryptographic keys safe and secure.

A single compromised key could result in a massive data breach, resulting in reputational damage, punitive regulatory fines, and a loss of investor and customer trust.

Turning Cryptography into a Service - Part 2

Turning Cryptography into a Service - Part 2

Part 2 – Accelerating Time-to-Market

 

With the increase in e-commerce and electronic communications on the one hand and the growing challenges of cybercrime and data protection regulation, on the other hand, cryptography is becoming an increasingly important business enabler.

Payment & Banking Cryptography: An Overview of the Benefits of z/OS and the Z Platform

Payment & Banking Cryptography: An Overview of the Benefits of z/OS and the Z Platform

This article looks at some reasons for popularity of the IBM mainframe platform in the banking sector and touches upon its limitation for cross-vendor encryption and key management.