Cutting-edge key management functionality

SvKMS is the most flexible encryption key management solution (KMS) on the market. It helps businesses properly secure data in cloud computing, virtualization, IoT, and legacy environments in an ever-shifting and complex threat landscape.

SvKMS customers and partners recognize that de-centralization and distribution of workloads requires a new approach to encryption key storage that overcomes the inflexibility of the old model. As a result, SvKMS offers features that meet customer demand for secure, platform-agnostic and centralized key management, storage and provisioning that fit into the new model of data residing in distributed locations like cloud, on-premises, edge and IoT.

SvKMS features

The features available in SvKMS depend on which SvKMS Edition is used:

  • SvKMS Essentials Edition
    Take advantage of built-in encryption for a single or small number of use cases or keys
  • SvKMS Professional Edition
    Mid-level key manager for a limited number of use cases, with capability to expand as time goes on
  • SvKMS Enterprise Edition
    Advanced key management functionality for an unlimited number of use cases

More information on SvKMS Editions is available on the SvKMS Pricing page. Explore the full range of features below:

SvKMS Features Enterprise Professional Essentials
    • Allows other applications to connect, interact and integrate directly with SvKMS.
    • Defines a common interface for key management operations (get, fetch, rotate, create, delete, etc.)
    • Build automation workflows and integrate with many use cases that were limited with previous standards like PKCS#11.
    • Read more about the REST API feature on its dedicated feature page.
  • Use Cases
Unlimited 5 1
  • Unlimited  Encryption Keys
Up to 250 Up to 50
    • Encrypt your data and retain control and management of encryption keys even in cloud computing environments.
    • Generate strong keys and control the secure export of keys to the cloud, thereby strengthening key management practices.
    • Separate the lock (encryption) from the key (encryption key)
    • Read more about the BYOK feature on its dedicated feature page.
  • KMIP Server
    • A cost-effective solution where only one key management service is necessary to facilitate all key encryption requirements.
    • SvKMS can be deployed as a KMIP Server in a virtual environment in minutes, for a fraction of the cost and effort of an HSM.
    • Reduces overheads/administration related to managing encrypted data, such as tape drives, databases, storage array and software, through centralized management.
    • Read more about the KMIP feature on its dedicated feature page.
  • Cluster Management and High Availability
    • Easily activate a new key management installation.
    • Simple KMS setup for both a single instance and a complex high availability cluster.
  • Full Key Management Lifecycle
    • Ensure compliance and enact robust key policies through the entire key lifecycle, from creation to storage, archiving and deletion.
  • Robust Key Management Operations
  • Painless Backup and Restore
    • Saves and stores the current SvKMS state for future restoration.
    • Set on-demand and scheduled backups to an external location, restoring these backups when required.
  • Hybrid On-Premise/Cloud Configuration
    • Generate, store and provision keys onsite/on-premises, in the datacenter and/or in private, public or hybrid clouds.
  • Proactive Insights (Manage Notifications and Alerts)
    • Audits all activity related to key data that can include anything from key creation, to rotation and compromise.
    • Provides alerts on activity in a cryptographic system that requires further investigation in order to detect and prevent breaches or other issues.
  • Role-based Access Control (RBAC)
    • Allows the administrator to effectively segment and control who has access to various encrypted systems.
    • Allows groups to handle who may access a key. For example, a group for databases may allow certain key users access to unencrypt certain data but may exclude other key users within the storage group.
  • HSM Extension
    • Supports PKCS#11 specification, allowing integration with HSMs.
    • Consolidates key management into one single pane of glass, while extending the life of in-house HSMs.
    • Can serve as an abstraction in front of an HSM, provisioning keys out through the key manager which can then perform many key management lifecycle functions.
    • Read more about the HSM extension feature on its dedicated feature page.
  • TPM Protection
  • Custom Key Import
    • Manage old key types and secrets – such as PGP, DES, CAST and Blowfish – from the same centralized key manager.
    • Read more about the custom key import feature on its dedicated feature page.
  • Sophisticated, Single-User Interface (UI)
    • One key manager supports many different key management use cases, all from one interface, thus reducing time and costs.
  • Detailed Auditing and Logging, Exportable to Popular SIEMs
    • Analyze and report on key management activities to uncover potential threats.
    • Collects data through the use of the syslog format, which can then be exported to external SIEM tools.
  • FIPS 140-2 Level 1 Compliance
    • Meets the highest levels of NIST compliance for a key management software product.
  • Single Sign On

Still have questions?

If you’d like more detailed information, jump to the SvKMS Documentation page which contains all of the resources you will need to get a detailed understanding of SvKMS, including the comprehensive manual, integrations and deployment guide.