The Virtru Customer Key Server

Maintain Exclusive Access to the Encryption Keys Protecting Your Content

A Closer Look at the Virtru Customer Key Server

Host Your Own Keys

Enable easy-to-use client-side encryption without having to trust third parties with unencrypted keys or content.

Prevent Unauthorized Surveillance

Ensure that only you can respond to government access requests for your data.

Meet Data Residency Requirements

Specify the locations where your encryption keys are stored.

Enable Compliance with CJIS and EAR

Meet government regulations in the cloud.

Choose Where to Host Your Encryption Keys

Based on your privacy and regulatory requirements, Virtru provides flexibility, choice, and control for encryption key management:

HSM-Backed

  • Customer adds extra encryption with public-private keys stored on their hardware security module (HSM).
  • Customer keys are hosted exclusively on customer’s premises or any cloud provider.
  • No third party has access to both encryption keys and encrypted content.

Hybrid Cloud

  • Customer keys are hosted exclusively on customer’s premises or any cloud provider.
  • Message keys are encrypted by customer keys.
  • No third party has access to both encryption keys and encrypted content.

Pure SaaS

  • Message keys are hosted on Virtru server.
  • Customers fully manage key access.
  • No third party has access to both encryption keys and encrypted content.

The CKS encrypts message keys with additional encryption keys accessed only by the customer.

Public key encryption protects message keys before travelling across Virtru’s servers to recipients.

Host the CKS on your physical premises, in a private cloud, or on any public cloud service.