DATABASE PROTECTION

CENTRALIZED AND SECURE MANAGEMENT OF CRYPTOGRAPHIC KEYS

As security incidents and data leaks become an almost daily occurrence, it is critical that information that requires encryption is protected in creation, use, transit, and rest.

KRYPTUS KMS solution combines cryptographic key lifecycle orchestration and automatic encryption application with high-performance hardware-based security for secure key handling and processing.

CRYPTOGRAPHIC KEYS

CENTRALIZE KEY MANAGEMENT WITH KRYPTUS KMS

By performing the management and distribution of cryptographic keys, KRYPTUS KMS solution coordinates keys lifecycle activities and usage for applications, databases and communications.

scalability

Continuous protection with the capacity to store millions of keys.

automation

Schedules and performs cryptographic operations on millions of keys at once.

compatibility

Seamlessly integrates with legacy, current and future technologies.

compliance

Provides full reports and support for compliance audits.

DATABASE ENCRYPTION

  • Native integration or transparent TDE, for various KMIP database types (Mongo, MySQL, DB2)
  • Special Oracle and SQL Server connectors
  • Fully compatible with KMIP protocol, allowing compatibility with native encryption for structured or unstructured data.
  • TDE is the native option for multiple systems
  • KRYPTUS KMS is the security that implements the suitability for privileges for accessing the keys used in the TDE, encrypting and controlling their use.
database encryption

HOW DATA CIPHER WORKS

kmip

Step 1: Encryption Master Keys are created and replicated between HSMs;
Step 2: Table cipher keys are created and protected with the master key via KRYPTUS KMS;
Step 3: The database is configured to use the TDE or the special connectors.

DATABASE ENCRYPTION

UNSTRUCTURED DATABASE ENCRYPTION

KRYPTUS KMS also performs key orchestration on HYOK and BYOK models in a multicloud environment.

  • Private cloud VMware: Integration via KMIP to control encryption privileges on VM, VSAN and NSX.
  • AWS: KRYPTUS KMS provides management of AWS customer master keys and other key management requirements.
  • Azure: KRYPTUS KMS uses the orchestration APIs to register keys in Azure Key Management.
  • Google: KRYPTUS KMS integrates with Google Cloud
  • Storages: Via KMIP on products such as Dell, HPE 3PAR, NetApp, Racktop, Cray.

MAIN FEATURES OF KRYPTUS KMS SOLUTION

interoperability

scalability

extensibility

security

kNET HSM

KRYPTUS kNET HSM is a high-security, multi-purpose device designed to provide a scalable, high-performance environment for cryptographic key storage, management, and operations.

KEY PROTECTION

Key protection is done through kNET HSM equipment with the following features:

  • FIPS 140-2 nível 3 (EFP/EFT)
  • ICP-Brasil NSH3
  • Multitenant separation
  • Symmetric and asymmetric encryption
  • APIS: KMIP, PKCS#11, Microsoft CSP, Java JCA/JCE
  • Dual fator authentication (TOTP, HOTP)
  • Physical and logical protections against opening, safe boot, temperature and voltage sensors (even with equipment off)

fips e icpbrasil

TALK TO KRYPTUS  Whatsapp

  • Rua Maria Tereza Dias da Silva, 270 - Barão Geraldo - Campinas-SP - Brasil - CEP 13083-820
  • +55 (19) 3112 5000