Virtualization Technology News and Information
KeyNexus Transforms Cloud Encryption Key Management

KeyNexus today rolled out the industry's first universal encryption key-storage-as-a-service (KSaaS) platform. KeyNexus, available now through the Amazon Web Services (AWS) Marketplace, enables businesses of all sizes to affordably achieve enterprise-grade key storage through the use of industry-leading Hardware Security Modules (HSMs), delivered as a service.

While major enterprises are interested in moving more of their workloads to the cloud, security concerns - particularly around cryptographic key management -- have slowed their migration. Other security controls such as firewalls, anti-virus, intrusion detection, data loss prevention, and more have successfully migrated to the cloud, but traditional enterprise HSMs have struggled due to cost, complexity and very limited integration use cases.  KeyNexus is addressing these pain points by pioneering universal access to affordable HSMs in the Cloud. HSMs are one of the last major security controls still left in the datacenter. HSMs protect cryptographic keys and are a crucial security control that many enterprises say is imperative for baseline security in the cloud. Whereas most cloud encryption solutions today require cloud businesses to store their keys alongside their data, which is akin to locking a door but leaving the key in the lock, KeyNexus enables businesses to truly separate the lock from the key.

KeyNexus helps enterprises migrate sensitive workloads to the cloud by bringing multi-tenancy, advanced key management features, cost-efficiency and multi-platform accessibility to the legacy HSM industry.  Production encryption keys are stored on redundant, highly-available, industry-leading, FIPS 140-2 compliant HSMs that are securely hosted within Amazon Web Services' (AWS) compliant data centers. KeyNexus can integrate with almost any cloud, mobile or enterprise environment to give the enterprise a broad and unified key storage experience.

"Using the KeyNexus platform, businesses of all sizes can now protect their cloud or enterprise data by implementing enterprise-grade, hardware-based encryption key storage and are never required to give up ownership or management of their encryption keys," said KeyNexus Founder and CEO Jeff MacMillan.  "By making it quick, easy and affordable to benefit from real HSMs, from any number of cloud, SaaS or mobile platforms, our goal is to help businesses securely migrate more workloads the cloud to maximize their benefits from cloud consumption."

Over the coming months, KeyNexus will announce additional integrations with well-known cloud platforms, encryption products and development environments. In today's launch, the company announced the following integration use cases (for more details click here):
  • KeyNexus for Amazon EC2 - Encrypt EBS volumes on the KeyNexus Linux AMI (Amazon Machine Instances) while storing keys securely on Amazon-hosted HSMs enhanced and made available by KeyNexus.
  • KeyNexus for Amazon S3 - Import encryption keys from KeyNexus into AWS S3 server-side encryption to ensure true separation of the lock and the key. Use multiple keys to effectively impose encryption-based separation between different data sets on S3.
  • KeyNexus On Demand exposes secure APIs which allow businesses to provision their keys into their applications and databases to perform crypto operations as needed.

"Any cloud or SaaS platform implementing encryption should consider using KeyNexus to turn-over control and knowledge of encryption keys to the customer," said MacMillan.  "This confirms to the customer that the platform isn't interested in accessing their private data and will actually benefit the platform by reducing their risk and increasing adoption."

KeyNexus is now live on the AWS Marketplace with a full AMI ready for your use in virtually any workload that requires robust security and compliant key storage.

KeyNexus will be discussing its solutions at Booth 116 at AWS re:Invent in Las Vegas from Nov. 11 through Nov. 14.  For additional information, please visit
Published Tuesday, November 11, 2014 6:58 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2014>