When you accept that data loss is inevitable, it becomes obvious that strong data protection and proper key management are central to your data security practices.
Olympia, WA (PRWEB) February 25, 2010
Patrick Townsend Security Solutions (PTSS) is addressing one of the fastest growing deficiencies companies encounter in data privacy audits: proper encryption key management. To ease this situation, PTSS has released its new appliance named Alliance Key Manager. Data privacy regulations such as PCI, HIPAA and GLBA require organizations to not only encrypt data but to also securely manage the data encryption keys. Alliance Key Manager helps meet these requirements by providing a robust and extensible key management server built for today's business environment.
Experts agree that encrypted data is only as secure as the encryption keys. People don't lock their cars and leave the keys in the door. They lock the door and store the keys away from the vehicle. The same discipline must apply to data encryption keys. Encryption keys must be controlled, stored and secured separately from the data the keys protect. This critical step in the encryption process is too often overlooked due to the perceived complexity of the task.
Alliance Key Manager, from PTSS, is a centrally administered solution for managing and storing symmetric encryption keys. It simplifies encryption key management for the Enterprise. This new appliance racks up in any server environment and services all major business platforms including Linux, UNIX, Windows, IBM System i, and IBM System z. Enterprises that are currently encrypting data, or considering data encryption, will benefit greatly from a federally certified encryption key management solution that is affordably priced.
Patrick Townsend, Founder and CTO commented that, "Even the most diligent enterprises are finding that data gets out in unexpected ways. When you accept that data loss is inevitable, it becomes obvious that strong data protection and proper key management are central to your data security practices. We know that even if you're encrypting sensitive data, that data is only as secure as the encryption keys, which is precisely why we built the Alliance Key Manager solution."
Alliance Key Manager is designed for easy integration with all software and hardware systems. Major features include:
- NIST-certified: The Alliance Key Manager solution meets the following NIST (National Institute of Standards in Technology) validations: NIST AES (five encryption modes), NIST SHA, NIST RNG, and NIST FIPS-140-2 Level 1. Alliance Key Manager is in process of receiving the FIPS 140-2 certification.
- Automation and easy deployment: Alliance Key Manager is a non-intrusive solution that doesn't require the installation of outside agent software in the Enterprise. Administrators can configure, manage, import, export, create, and expire thousands of keys automatically from a central location.
- Control key access: Encryption keys can be regulated so that only the right users have access to the data. Key access can be restricted to a specific list of users, a specific list of groups, or specific users within a group. Distinguished names in security certificates allow the administrator to enforce user and group controls, reducing physical key management time and cost.
- Key mirroring and hot back up: Key servers that control access to data must be resilient. Alliance Key Manager automatically mirrors keys between multiple key management appliances over a secure and mutually authenticated SSL/TLS connection. It is an efficient solution for hot backup and disaster recovery support of sensitive encrypted data.
- Secure logging: Everything the key server does should be auditable. Alliance Key Manager has built in logging allowing administrators to track all key retrieval, management, and system activity. Reports can be sent automatically to a central log management console, alerting facilities, or to SIEM products for a timely and permanent record of all activity.
Learn more about Alliance Key Manager, and see a live demonstration, at the RSA Conference in San Francisco, booth #755. Or visit patownsend.com to request a demonstration.
About Patrick Townsend Security Solutions:
PTSS makes NIST-certified software and appliance solutions to protect sensitive data from loss, theft and abuse. We know that despite everyone's best efforts "data gets out." The best way to deal with that fact is not by simply building a wall around the data, but by protecting against its abuse. To accomplish this the company employs encryption, system logging, and encryption key management for the most effective data protection available. Known as the Encryption Company, PTSS was formed in 1984, and is privately held with headquarters in Olympia, WA. For more information visit http://www.patownsend.com or call 800/357-1019.