You Control Keys No Matter Where Data Resides
It's a difficult task to manage the full lifecycle of cryptographic keys from when they are generated to when they are used, stored, archived, and ultimately deleted. And when moving sensitive data to cloud service providers, who will control the keys?
DataKeep’s integrated key management capabilities makes it fast, easy and cost-effective for you to implement encryption across your organization, while you retain ownership of your keys, including the option of integration with external key stores. DataKeep uses a multi-layer process that allows for rotations or rekeying without the data being decrypted and without downtime.
DataKeep™ Protects Your Data Your Brand And Your Reputation
Encrypts personal data-at-rest and manage encryption keys
Manages access to personal data by role or process
Audits data access requests / denials for encrypted personal data
Prepare and Protect with DataKeep
With DataKeep’s transparent, built-in key management, all phases of key lifecycle stay in your control. Automated key creation, rotation, and revocation/shred conform to industry compliance requirements. DataKeep agents create Data Encryption Keys (DEK) that are encrypted by a Policy-Encryption-Key (PEK) and stored with the data. This allows for rotations or rekeying of the PEK without the data being decrypted and without downtime. Security keys can be stored locally in the DataKeep management console or exported using Key Management Interoperability Protocol (KMIP) or Public-Key Cryptography Standards (PKCS #11) to a compliant external keystore.