Key Management-as-a-Service

Painless security for any encryption workload - on premise, hybrid cloud and multi-cloud

Deploy enterprise-wide key management in under 5 minutes

Available via StorMagic Cloud Services, Key Management-as-a-Service (KMaaS) allows an organization to deploy a cloud-based key management service, instead of running one or more key managers on physical hardware. It ensures an organization can keep all keys secure and accessible within the cloud, regardless of encryption workload or location.

Flexible

Any workload, any location, whether on premise, hybrid cloud or multi-cloud, even extend legacy HSMs.

Robust

Keys are always secure and accessible through load-balanced high availability and multi-tenanted instances.

Simple

Easy to deploy in less than 5 minutes with an intuitive UX, role-based access control and advanced reporting.

KMaaS Features

StorMagic KMaaS has a broad suite of enterprise-grade features. Explore each of them in the expandable columns below.

  • Supports many different key algorithms, including symmetric and asymmetric key types.
  • Formats include the following: AES 128, 192, 256, - RSA 2048, 3072, 4096 Elliptic curve (ECDSA) - support of 85 curve algorithms.
  • Enables users to choose the algorithm that fits their needs.
  • Retires outdated encryption keys and generates new cryptographic keys to replace them.
  • Saves and stores the current SvKMS state for future restoration.
  • Set on-demand and scheduled backups to an external location, restoring them when required.
  • Only one key management service is necessary to facilitate all key encryption requirements.
  • Deploy as a KMIP server in a virtual environment in minutes, for a fraction of the cost and effort of an HSM.
  • Reduce overheads/administration related to managing encrypted data, such as tape drives, databases, storage array and software, through centralized management.
  • Applications can connect, interact and integrate directly with SvKMS.
  • A common interface for key management operations (get, fetch, rotate, etc).
  • Build automation workflows and integrate with use cases limited by previous standards like PKCS#11.
  • BYOK allows companies to encrypt data and retain control and management of encryption keys, even in the cloud.
  • Leading edge KMIP adoption, to enable communication with all systems and environments.
  • Extend the reach of HSM’s to a multitude of new workflows.
  • Ensure compliance and enact robust key policies.
  • Secure single-sign-on (SSO).
  • Cryptographically layered key wrapping.
  • Tokenization and Certificate authentication.
  • Analyze and report on key management activities to uncover potential threats.
  • Collects data through the use of the syslog format, which can then be exported to external SIEM tools.

Leveraging tried-and-tested software

The software behind the KMaaS product is the same as that available through StorMagic SvKMS encryption key management. SvKMS is a software solution that is installed by the end user. KMaaS is entirely cloud-based - it is genuine key management-as-a-service with nothing to maintain. Simply connect to the highly available, load-balanced clusters provided by StorMagic, which are secure, isolated tenancies, and coordinate every aspect of key management from a single pane of glass.

The flexibility offered by KMaaS ensures every encryption workload and service can be consolidated into a single key management interface. Furthermore, just like SvKMS, the service provides the ability to extend the functionality of existing hardware security modules (HSMs), allowing them to handle new workflows such as SaaS, PaaS and IoT as well as advanced key management capabilities that were previously impossible.

Simplify and streamline key management policies with KMaaS, a single cloud-based service handling every part of the entire key management lifecycle, and do away with the onsite hardware and software previously considered a requirement for these solutions.

Explore the licensing and pricing options for KMaaS

Flexibility on subscription length and number of keys. Build your solution on your terms.