Thales CipherTrust Manager k170v
CipherTrust Manager is used as a central platform for managing encryption keys and security policies within an organization. Its primary goal is to simplify and secure the protection of sensitive data across on-premises, cloud, and hybrid environments, ensuring its confidentiality and integrity.
Category: Data Protect
NIS2 emphasizes ensuring the three basic pillars of information security: confidentiality, integrity and availability of data. Encryption is understood in this context as one of the most important and in many cases necessary technical tools to meet these statutory objectives, primarily to ensure the confidentiality and integrity of data, both stored and in transit.
Thales CipherTrust Manager lets you manage the entire key life cycle, from key generation through user access, key use and rotation to disposal.
Key areas of use in the organization:
Central Key Management: Allows organizations to centrally manage the entire life cycle of encryption keys (creation, distribution, rotation, backup, recovery and revocation) for various Thales and third-party encryption products (using standards such as KMIP). This ensures uniform security and facilitates administration.
Access and Policy Management: Provides granular access control (Role-Based Access Control - RBAC) to encryption keys and security policies. This ensures that only authorized users and applications have access to data and keys, thereby enforcing separation of duties.
Compliance: Helps organizations meet stringent regulatory requirements such as NIS2, GDPR, PCI DSS, and HIPAA by providing detailed audit trails and reporting on all key and encryption operations. Under Czech law, it helps meet data confidentiality and integrity requirements under the Cybersecurity Act.
Data Protection: Serves as a central point for the entire CDSP platform, which further enables:
Data Discovery and Classification: Identify where sensitive data resides (on disk, in databases, in the cloud).
Encryption and Tokenization: Apply various protection mechanisms (file, database and application encryption, tokenization) with managed keys.
Multi-Cloud and Hybrid Environments: Supports key management for cloud services (Bring Your Own Key - BYOK), allowing organizations to maintain control over encryption keys for data stored in clouds such as AWS, Azure, and Google Cloud.
High Availability and Scalability: Supports clustering and real-time key replication, ensuring continuous availability of encryption services and reducing the risk of outages.
For individual cases, there are standard connectors:
KMIP
CTE
Tokenization
