Using Bring Your Own Key (BYOK) with KeyNexus UKM allows you to supply encryption keys to secure your data, but store those keys in a remote location where no one has access but you. KeyNexus can be deployed across private, public and hybrid environments, offering the following advantages:
Integrate KeyNexus with all the popular cloud-based platforms:
Google Cloud allows customer-supplied encryption keys for Google Compute Engine and Google Cloud Storage. Your keys are not stored on Google servers and your protected data cannot be accessed unless you provide the keys.
Google Compute Engine (GCE) – An IaaS that allows you to run VMs on the Google Infrastructure, using KeyNexus keys for disk encryption.
Google Cloud Storage (GCS) – Cloud Service Provider for unified object storage, including live data serving, data analytics and data archiving. Use KeyNexus to transparently encrypt and decrypt GCS objects
Amazon S3 supports native server-side encryption and Customer Provided Key options (S3 SSE-C). Connect to Amazon S3 through the KeyNexus REST API client.
Amazon EC2 provides secure, resizable compute capacity in the cloud. KeyNexus provides protected keys for full disk encryption of EBS volumes, storing your keys in a different environment from your data.
Azure Storage provides scalable, durable, and highly available storage, and the storage foundation for Azure Virtual Machines. KeyNexus integrates with Azure Storage via their client-side encryption.
OpenStack is an IaaS open source cloud operating system and allows deployment of applications on a virtual machine. KeyNexus provides volume encryption at the hypervisor level.