Thales’ key manager, keyAuthority 4.0, now provides full support for Key Management Interoperability Protocol (KMIP) version 1.1. Developed by the OASIS standards body, KMIP is intended to be an enabler of enterprise key management that can span numerous encryption use cases and cryptographic applications. Other companies announcing KMIP support at last week’s RSA Conference included Cryptsoft, IBM, SafeNet, and QuintessenceLabs.
According to Aberdeen, companies with current encryption initiatives involving enterprise key management found that the combined difference in costs avoided plus costs saved provided an advantage of nearly $100 per end user per year over those that did not. Thales is one of the founders and thought leaders behind KMIP, said Richard Moulds, vice president strategy, Thales e-Security.
Encryption has been around for years and key management has been a feature of encryption, he said.
“Whatever product you bought had some form of key management because if you’re not managing keys, it’s very difficult to make your encryption work.”
However, while key management is really a thorny topic, until recently that was okay, because only a few companies were deploying encryption, but that’s no longer the case. “Key management is getting out of control,” said Moulds.
A new Thales-sponsored Ponemon Institute study (Global Encryption Trends Study), released at RSA, found that encryption continues to be viewed as a strategic issue and that organizations are increasing their investment in encryption across the enterprise in response to compliance regulations and cyber-attacks. The top data protection priorities focus on identity and access management, data discovery, protecting data in use within business applications and protecting data in outsourced or cloud environments. The importance of protecting data in cloud environments rose significantly from last year’s survey, ranking fourth in priority – up from 12th.
The percentage of overall IT security spending dedicated to encryption has also increased, almost doubling from 10% to 18%, demonstrating that organizations are prioritizing encryption over other security technologies. When it comes to buying criteria, performance is always the top concern, followed next by key management with 38% of respondents saying they have a formal key management strategy.
“Regardless of an organization’s situation, it is clear that encryption and key management are becoming more widely deployed,” said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute, in a prepared statement. “For the first time this year our study shows that more organizations say they have an encryption strategy than not – another clear indication that encryption is now seen as a strategic issue.”
What’s relevant with KMIP is how it potentially changes the way in how people use encryption, particularly in a multi-tenant cloud, said Moulds. It is the first key management standard and simplifies the management of keys. For encryption, the pain is all around key management, he said.
Packaged in a tamper-resistant and tamper-evident hardware platform certified to the FIPS 140-2 Level 3 standard, keyAuthority 4.0 offers the broadest and most complete support for KMIP 1.1, combined with capabilities such as the automation of key lifecycle management controls, high scalability, redundancy, support for multi-tenant environments and sophisticated administrative role separation and key segregation, said Thales.