Our patented Digital Vault provides premier security.
Encryption Key Management for Applications
Because encryption keys are typically embedded in an application's source code or configuration files, they are exposed to developers, IT and operations personnel, DBAs and others. Misuse of these keys can lead to data tampering, leakage and eventually to financial losses.
Embedded encryption keys can be found almost anywhere. Some typical use cases are:
- Billing systems that encrypt credit card data
- Homegrown systems with no methodological key-management component
- SSH keys used for secure encrypted communication between clients and servers
- Distributed or point-of-sale applications and kiosks - encryption keys are used to secure communications to the computing center
When applications interact with each other or with databases, it becomes a challenge to protect and manage the associated passwords and credentials. If a password or key is compromised, the recovery process is complex and may require source code changes or application rebuilds. This leads to system downtime and slower response time to security events.
Hard-coded or static keys and passwords are treated specifically in security regulations such as PCI and must be handled by enterprises in order to retain compliance.
As the Privilege Identity Management (PIM) market leader, Cyber-Ark provides the only unified solution that enables compliance by securely managing applications' encryption keys with a single product.
- Key protection and online rotation with no application downtime
- Unified solution for both hard-coded passwords and keys
- The Digital Vault provides a highly-secure, centrally managed repository for managing encryption keys
- Business continuity is ensured by the inherent resiliency and high availability of the solution
- Cyber-Ark's architecture enables encryption keys to be centrally managed on distributed networks like department stores and points-of-sale
- Cyber-Ark's robust SDK supports a wide number of platforms & programming languages (such as Java, C/C++, .NET and Visual-Basic)
- Integration with enterprise infrastructure, including
- LDAP and IAM integration for user management
- Authentication products for administrators (2-factor, RSA, Radius, PKI, LDAP and more)
- Monitoring and SIEM integration using SNMP, Syslog and SMTP
- Built-in HA/DR architecture
- and much more
- Cyber-Ark's built-in, customized reports help customers stay compliant and help pin-point encryption keys that have not been rotated