Customer-Hosted Keys for Full Control of Your Data
You don’t trust the bank with the key to your safety deposit box, so why trust third party security providers to host your encryption keys? The Virtru Customer Key Server (CKS) removes third party trust concerns by letting you host your own encryption keys and integrate with hardware security modules (HSMs) for absolute data control.
Encryption Key Management that Unlocks the Power of Privacy
Host your own keys so that unauthorized parties can never access your data, ensuring it stays private.
Meet data protection and residency requirements for HIPAA, GDPR, PCI, CCPA, and other data privacy regulations.
Avoid blind subpoenas that force security and cloud vendors to give governments your data without authorization. Only you can respond to government data requests.
Split knowledge architecture separates keys from content. You’re never forced to trust Virtru or cloud service providers with access to your data.
Maintain visibility over all encryption key exchanges and policies and integrate with your SIEM for insights that strengthen threat response and compliance workflows.
Virtru CKS deploys rapidly with Docker containers to align with your existing IT and key management infrastructure for enterprise scale implementations with low overhead.
Flexible, Layered Encryption Key Hosting Options
Choose from several hosting options to align with your key management processes and security requirements.
Key and Policy Management – Virtru Access Control Manager
Virtru Access Control Manager (ACM) manages encryption key policies and authenticates key exchanges. Hosted in AWS to ensure maximum performance and availability
Virtru generates a unique AES 256-bit symmetric key on the client to protect each email and file, then sends it to the Virtru ACM via a secure TLS-protected channel hosted in AWS and secured with HSM arrays.
You host asymmetric encryption keys on-premises that protect every Virtru client key, for a crucial layer of protection that ensures client keys are never stored or transmitted in the clear.
Virtru CKS brokers encryption and decryption requests on the Virtru platform by securely accessing your HSMmanaged private keys leveraging the PKCS #11 and KMIP protocols.