Use Cases

IaaS Encryption

Secure your data in the cloud without losing control of your keys

You’re moving your data to the cloud, but you’re concerned about security. Using your Cloud Service Provider’s existing encryption key management system means storing your data and keys in the same environment, essentially giving them access to your master keys.

Using Bring Your Own Key (BYOK) with KeyNexus UKM allows you to supply encryption keys to secure your data, but store those keys in a remote location where no one has access but you. KeyNexus can be deployed across private, public and hybrid environments, offering the following advantages:

  • Control your key in a single environment out of the cloud.
  • Adhere to regulatory best practices of separating the lock from the key.
  • Platform agnostic- one key manager for all your cloud needs.
  • More comprehensive key lifecycle management than the cloud providers.
  • Superior ROI when considering a multi-cloud and hybrid strategy.
  • Deploy specific application not tied the CSPs architecture.

Integrate KeyNexus with all the popular cloud-based platforms:

Google Cloud allows customer-supplied encryption keys for Google Compute Engine and Google Cloud Storage. Your keys are not stored on Google servers and your protected data cannot be accessed unless you provide the keys.

Google Compute Engine (GCE) – An IaaS that allows you to run VMs on the Google Infrastructure, using KeyNexus keys for disk encryption.

Google Cloud Storage (GCS) – Cloud Service Provider for unified object storage, including live data serving, data analytics and data archiving. Use KeyNexus to transparently encrypt and decrypt GCS objects

Amazon S3 supports native server-side encryption and Customer Provided Key options (S3 SSE-C). Connect to Amazon S3 through the KeyNexus REST API client.

Amazon EC2 provides secure, resizable compute capacity in the cloud. KeyNexus provides protected keys for full disk encryption of EBS volumes, storing your keys in a different environment from your data.

Azure Storage provides scalable, durable, and highly available storage, and the storage foundation for Azure Virtual Machines. KeyNexus integrates with Azure Storage via their client-side encryption.

OpenStack is an IaaS open source cloud operating system and allows deployment of applications on a virtual machine. KeyNexus provides volume encryption at the hypervisor level.


Maintain control of your key across cloud service providers, while simplifying the complexity that is inherent in this approach.

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt

Start typing and press Enter to search