Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

3/31/2015
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Thales Launches BYO-Key Service for Microsoft Azure Cloud

Unique bring your own key capability enables you to have total control over your keys and sensitive data in the Azure Cloud.

PLANTATION, Fla.--(BUSINESS WIRE)--Thales, leader in information systems and communications security and pioneer with Microsoft in bring your own key (BYOK) technology, announces the launch of its BYOK Deployment Service Package. The new service offering makes the process of creating and securely transferring keys to Microsoft Azure cloud easy and allows organizations to take advantage of cloud services with greater confidence.

Cloud services like Microsoft Azure Rights Management Services (RMS) offer organizations flexibility, convenience and cost-effectiveness. BYOK provides the added confidence that the keys used to protect your sensitive data in the cloud are under your exclusive control.

The Thales BYOK Deployment Service Package provides everything you need to safely generate and transfer your own keys to the Microsoft Azure cloud. The service package includes an nShield hardware security module (HSM) and the professional services to quickly get you cloud-ready and in control of your sensitive data and keys in the cloud.

 Key benefits:

• Take advantage of cloud services with confidence • Secure your sensitive data with keys that you fully control and are never visible to Microsoft • Ease of deployment – receive expert guidance on how to securely generate and securely transfer your keys to the cloud • Protect and manage your keys on your premises with robust FIPS 140-2 certified hardware

 Dan Plastina, Group Manager, Microsoft says:

“The Azure Rights Management service helps customer safeguard their data, both inside and outside of the organization. Our collaboration with Thales on BYOK puts the customer in control of their keys. Organizations can generate their RMS master keys on-premises, using their own Thales HSMs, and then securely transfer those keys to our Azure-hosted Thales HSMs. The new Thales BYOK Deployment Service Package now makes the process of getting started even easier, providing everything that’s required to successfully deploy, generate, and transfer your own keys to the Azure cloud.”

 Richard Moulds, vice president strategy at Thales e-Security says:

“The goal for any security-oriented cloud service is to convey confidence that sensitive data in the cloud is protected, confidence that different tenants are strongly segregated and that control over critical security assets such as cryptographic keys remains with the customer. BYOK and the use of HSMs can protect both the consumer and the cloud provider and build the confidence to trust the service with an organization’s most valuable assets. Customers new to hardware security module technology often find that expert assistance can make for a smooth and secure deployment and our BYOK Deployment Service can be tailored to meet a customer’s specific need.”

 Expert consultancy

Thales Advanced Solutions Group (ASG) is ready to help you deploy BYOK for your Azure cloud. A dedicated consultant will spend time at your location to explain the technology behind BYOK and take you step-by-step through the process of generating your own keys on your own premises. The consultant will instruct you on how to securely transfer these keys to the Azure cloud, and help you plan the key generation ceremony as well as assist you in conducting it. In addition, you will be left with a step-by-step document detailing the ceremony for future reference.

 Supporting resources:

Whitepaper: Hardware Key Management in the RMS Cloud www.thales-esecurity.com/msrms Microsoft RMS BYOK Guidance:

https://technet.microsoft.com/en-us/library/dn440580.aspx

Updates on Microsoft RMS: http://www.twitter.com/TheRMSGuy Visit Thales at booth South Expo #S607, RSA Conference, Moscone Center, San Francisco, April 20-24, 2015 and speak with our team about our BYOK Deployment Service.

For industry insight and views on the latest key management trends check out our blog www.thales-esecurity.com/blogs Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube

About Thales e-Security

Thales e-Security is a leading global provider of trusted cryptographic solutions with a 40-year track record of protecting the world’s most sensitive applications and information. Thales solutions enhance privacy, trusted identities, and secure payments with certified, high performance encryption and digital signature technology for customers in a wide range markets including financial services, high technology, manufacturing, and government. Thales e-Security has a worldwide support capability, with regional headquarters in the United States, United Kingdom, and Hong Kong.

www.thales-esecurity.com

About Thales

Thales is a global technology leader for the Aerospace, Transport, Defence and Security markets. With 61,000 employees in 56 countries, Thales reported sales of €13 billion in 2014. With over 20,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most complex security requirements. Its unique international footprint allows it to work closely with its customers all over the world.

Positioned as a value-added systems integrator, equipment supplier and service provider, Thales is one of Europe’s leading players in the security market. The Group’s security teams work with government agencies, local authorities and enterprise customers to develop and deploy integrated, resilient solutions to protect citizens, sensitive data and critical infrastructure.

Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France and the United Kingdom.

Contacts

Thales

Dorothée Bonneil

Thales Media Relations – Security

+33 (0)1 57 77 90 89

[email protected]

or

Liz Harris

Thales e-Security Media Relations

+44 (0)1223 723612

[email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Where Are the 'Great Exits' in the Data Security Market?
Dave Cole, Cofounder and CEO, Open Raven,  10/13/2020
Overcoming the Challenge of Shorter Certificate Lifespans
Mike Cooper, Founder & CEO of Revocent,  10/15/2020
US Counterintelligence Director & Fmr. Europol Leader Talk Election Security
Kelly Sheridan, Staff Editor, Dark Reading,  10/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4564
PUBLISHED: 2020-10-20
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea...
CVE-2020-4748
PUBLISHED: 2020-10-20
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188517.
CVE-2020-4749
PUBLISHED: 2020-10-20
IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link ...
CVE-2020-4755
PUBLISHED: 2020-10-20
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595.
CVE-2020-4756
PUBLISHED: 2020-10-20
IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service. IBM X-For...