Service lets companies manage Amazon Web Services encryption keys

KeyNexus, a division of Dark Matter Labs, today announced a secure encryption key-management service that lets organizations store, manage and audit the encryption keys they use in the cloud.

Expected to be available the end of this month, the KeyNexus service will initially support Amazon Web Services. The service will cost about $50 per month for two AWS instances where encryption keys are needed, though there will be a trial period where it will be free. Dark Matter Labs makes a line of data-encryption hardware appliances and the KeyNexus service represents a next step for that technology for cloud security key management, says CEO Jeff MacMillan.

[RELATED:Flexibility stressed for encryption and key management in the cloud]

[MORE:When tech empires fall: 10 companies and products that dominated... and then didn't]

"Companies are realizing they don't want to store their encryption keys in the cloud," says MacMillan, noting that the Cloud Security Alliance, the group devising security standards for cloud-based services, says the encryption keys used in them should not necessarily be stored in the same cloud for security reasons.

Since business customers increasingly expect to use encryption in a variety of cloud services, the question is where it might be best to store a slew of them securely. MacMillan's argument is that enterprises shouldn't store and manage encryption keys in the same cloud location where they're used.

"You'll have encryption in 10 different clouds, and manage seven to 15 sets of keys," MacMillan says. He points out that there are already a handful of encryption vendors for Amazon Web Services today, including Trend Micro, Porticor, SafeNet and Afore Solutions.

The KeyNexus services for AWS is based on hardware appliances kept and managed at Equinix in the U.S. where the encryption keys are encrypted in hardware-based storage and available round-the-clock to the customer. KeyNexus may support other cloud-based services in the future as well. Dark Matter Labs is based in Victoria, Canada.

The KeyNexus key-management service evolved from the Dark Matter Labs hardware appliance used for key management, which Vijay Raghavendra, CTO at Inkiru says he deployed for the Inkiru data-analytics platform that supplies e-commerce-based analysis for purposes of both fraud prevention and customer buying patterns.

"It was important for us to meet the standards set by our customers," said Raghavendra about secure key-management in the cloud, though he adds that because Inkiru was just acquired by Walmart Labs for Walmart's e-commerce operations, there are no plans now for immediate use of KeyNexus.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail:

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Amazon Web ServicessecurityCloudcloud security allianceendpoint securityWide Area Networkcloud computinginternet

More about Amazon Web ServicesAmazon Web ServicesEquinixIDGSafeNetTrend Micro Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts