(The Hosting News) – CertiVox, a leading provider of web 2.0 security services, today announced the official launch of SkyKey, an automated, hosted encryption key management service for ISVs and cloud services providers. SkyKey puts secure control of data back into the hands of vendors’ enterprise customers – but without costly proxies and certificates, cumbersome PKI infrastructure, or manual scripting.
Until now, vendors of cloud applications and services (and their developers) have been unable to offer effective, suitable encryption key management for their enterprise customers’ use. Two challenges arise around this, one technical and one commercial:
The technical challenge – Security in enterprise services is not 1-to-1 or static. File transfer or collaboration applications are a good example. Variable numbers of users have constantly changing degrees of access to constantly evolving folders, across multiple devices (PC, smartphone, tablet) and may join, depart or rejoin at any time. Traditional security approaches, such as PKI, simply cannot scale to these levels, because the management of the security certificates and encryption keys involved is a highly manual process.
The commercial challenge – The traditional PKI approach also places control of the encryption keys in the hands of the vendor/developer, not the customer. Many regulated industries (for example, banking) legally require that the encryption keys be controlled by the customer on-premise, so vendors simply cannot address this market.
The launch of SkyKey means that both these challenges are now comprehensively addressed. Firstly, SkyKey is an Infrastructure as a Service (IaaS) solution that enables developers to easily embed encryption key management into systems, communication layers and applications, in a way that scales and grows automatically. Secondly, enterprises that, for regulatory or other reasons, need to run their key management on-premise, can use a distributed form of the SkyKey service, in which the keys are managed from within the enterprise’s own datacentre.
Brian Spector, CEO, CertiVox, commented: “Why do you never see a bank using a filesharing service to communicate with you? Because vendors of these and many other cloud services can’t get round the technical problem of providing encryption key management that is secure, scalable, automatic and meets their customers’ legal on-premise requirement. SkyKey certainly addresses these needs, but its impact will go much, much further. PKI won’t be able to address the Internet of Things, for example, come 2015, unless it finds a way to automatically manage encryption keys. That way is SkyKey.”
Jon Penney, CEO of CertiVox partner Cryptosoft, said: “SkyKey has given us a real competitive edge in the enterprise market, providing a degree of automation that effectively enables us to deliver far more efficient and flexible security solutions to our customers, and their many thousands of end-users, than we previously could have.”
SkyKey is supplied as an API, with an optional SDK for added flexibility. The SkyKey SDK is open source and can be downloaded for free from www.certivox.com and www.github.com. Developers simply use the API and/or the SDK to embed SkyKey into their applications.
SkyKey creates random encryption keys, which are themselves encapsulated (i.e., encrypted) using an identity that is authorised to access the key. That identity is used to create a key manifest. Only authorised identities that are intended to decrypt the data can de-encapsulate and access the encryption key.