Key management is a no-brainer - the encryption keys used to encrypt/decrypt data must be protected to prevent unauthorized access to the encrypted data. Many data-at-rest encryption providers offer low-cost, native key management tools that afford some level of protection for encryption keys.
However, data-at-rest encryption best practices necessitate the use of an external key manager for maximum security that separates encryption keys from encrypted data. External key managers provide centralized key management for multiple on-premises data stores and cloud infrastructures and can utilize a FIPS-compliant HSM as a hardware root-of-trust.
Ultimately, users must weigh the pros and cons of native vs. external key management - both having their advantages and disadvantages.
View this on-demand webinar to learn about best practices for key management and how to determine which form of key management is the best fit for your on-premises, virtual, or cloud storage environments. Thales TCT's Deputy CTO will:
- Outline the basics of native and external key management
- Weigh the pros and cons of both solutions
- Discuss how to determine which solution is the best fit for your environment