Entrust KeyControl
Entrust KeyControl is redefining cryptographic key and secrets management.
Traditional key management systems haven’t adapted to the realities and risks organizations with multi-cloud strategies face. Basic access controls, sparse metadata, and storage in one-size-fits-all key vaults should no longer be considered key management.
You are not effectively managing your keys and secrets if you are not in control and aware of who creates and uses them. Knowing where your keys are stored can be an essential component for compliance with corporate security policies and/or regulations that differ by location and use case.
Modern key management for a complex multi-cloud world
Entrust KeyControl is setting a new standard for key and secrets management by combining traditional key lifecycle management and a decentralized vault-based architecture with a comprehensive central policy and compliance management dashboard – the KeyControl Compliance Manager. The platform offers decentralized security with centralized visibility across the enterprise’s cryptographic assets.
The powerful combination can help ensure data is protected in compliance with stringent regulatory requirements and keys and secrets can be geolocated and managed to respect data sovereignty mandates.
KeyControl Compliance Manager: Data protection is in the details
The KeyControl Compliance Manager provides a powerful compliance dashboard with granular policy management and control of cryptographic keys and secrets across your enterprise. The unified dashboard allows you to view and monitor your organization’s cryptographic assets in vaults configured locally or geographically distributed.
Controlling your keys means managing your risks
The KeyControl Compliance Manager policy engine provides fine-grained control of your cryptographic keys and secrets, offering full visibility, traceability, compliance tracking, and an immutable audit trail.
This can help make it possible for your organization to stay in compliance with laws and regulations around the world that govern data privacy, security, and sovereignty.
Multiple KeyControl Compliance Managers can easily be configured to isolate regions or organizational locations as needed.
KeyControl Vaults: Your Keys in the right place to help your company be in compliance.
Many traditional monolithic key management solutions offer only a single, centralized repository for storing keys – which for some use cases can be like putting all your eggs in one basket.
The KeyControl platform offers a new distributed vault architecture supporting the creation of fully isolated vaults that can help your organization meet your compliance obligations related to geographical data residency and data sovereignty mandates for cryptographic assets, while reducing attack surfaces and providing flexible arrangements for disaster recovery (DR) and contingency planning.
KeyControl Vaults for Your Use Cases
Lifecycle management for Key Management Interoperability Protocol (KMIP) workloads utilizing cryptographic keys, including virtualization platforms, backup and recovery, database, and storage.
High assurance FIPS 140-2 Level 3 root of trust and key lifecycle management for SQL databases using Transparent Data Encryption (TDE).
Entrust KeyControl Vault for Databases secures your data with Oracle Database TDE Encryption Keys.
Control and Bring Your Own Keys (BYOK) while leveraging the benefits of the cloud. Ensure the strong provenance of keys and manage key lifecycles, automation, and key backups independent of the cloud provider.
Generate and Hold Your Own Keys (HYOK) throughout their lifecycle (on-premises or in a private cloud), while allowing your cloud service provider (CSP) to use the keys on your behalf.
Control Secure Shell (SSH) access and usage of administrative accounts while proactively enforcing security policies and recording privileged user activity in any environment.
Address a wide range of data protection use cases by providing data encryption, data tokenization with format-preserving encryption (FPE), data masking, and key management.
Entrust KeyControl combines key lifecycle management and a decentralized vault-based architecture with a comprehensive central policy and compliance management capabilities for a wide range of use cases.
Entrust KeyControl Compliance Manager is part of a suite of products designed to manage key lifecycles at scale for encrypted workloads in virtualized environments across on-premises, multi-cloud, and hybrid deployments.
With Entrust KeyControl Vault for Secrets Management, businesses can easily manage secrets and access to credentials for resources across on-premises and cloud environments.
