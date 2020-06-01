Cryptomathic First to Launch Full Lifecycle & HSM-Agnostic ‘Bring Your Own Key’ Solution for Microsoft Azure Key Vault

June 2020 by Marc Jacob

Cryptography solutions pioneer, Cryptomathic, has today enabled its client banks and other security-sensitive businesses to leverage Microsoft Azure’s platform while retaining lifecycle control of critical keys, following the introduction of unique HSM-agnostic functionality in its popular key lifecycle management system, CKMS.

‘Bring Your Own Key’ (BYOK) cloud solutions, which enable businesses using cloud services to generate, back up, deliver and manage their own cryptographic keys, have quickly gained traction among businesses that require a high level of control over their data security in the cloud.

Until recently Microsoft Azure’s Key Vault BYOK support has only been possible using a single vendor’s HSM (Hardware Security Module). Microsoft today announces public support for a new protocol open to HSM and other security-centric vendors.

Cryptomathic is proud to be an early supporter of this standard and the first to support it with a comprehensive banking grade key management system, CKMS. CKMS allows Azure Key Vault BYOK keys to be automatically pushed to the cloud under a policy dictated by the business. The same key(s) can be securely delivered to on-premise applications and even to a third-party cloud vendor. CKMS supports multiple HSM brands at its core, and thus puts the choice of HSM vendor in the hand of the customer. This HSM-agnostic approach allows banks and organisations broad support of applications in the cloud and on-premise, underpinned by their preferred HSM brand.