Introducing Cloud-Delivered Encryption

Crypto Hypervisor Logo

The SafeNet Crypto Hypervisor revolutionizes the delivery of encryption. IT departments can now deliver on-demand, elastic crypto services for data protection—in minutes, not days.

For the first time, high-assurance encryption services fit the cloud operations model. Now the full cost and innovation advantages of virtualization can be exploited without compromising security or compliance.

Admin- & User-Friendly Cryptography: IT maintains full, centralized control of the delivery of encryption services such as key vaulting. Users have full control of their cryptographic resources knowing that other tenants and administrators cannot access their encryption keys.

Crypto Hypervisor is built on the proven hardware security module (HSM), SafeNet Luna SA, and is managed by the Crypto Command Center provisioning tool.

LEARN MORE ABOUT:

view Benefits

The Benefits of Cryptography as a Service

It is common to deploy encryption for the protection and compliance of sensitive and personal information. The security level of any encryption solution often comes down to the security of the encryption keys. Storing the keys in special-purpose hardware, such as a Hardware Security Module (HSM), is recommended by experts as a best practice. 

However, until now hardware encryption solutions have not provided the agility and flexibility needed in virtualized and cloud environments . Rolling out a virtual application that requires encryption, signed digital certificates, or other PKI functions can often add days or weeks to a project.

Enter Crypto Hypervisor. The first high-assurance key vaulting solution built for the cloud operational model. Enterprises can consolidate all their key vaulting and PKI services by moving away from physical HSMs to virtualized HSMs using a Crypto Hypervisor. Service Providers can add high-value key-vaulting and PKI services to their hosted and cloud offerings that allow them to administrate the HSMs but never access their customers’ keys.

Benefits:

  • Dramatic cost savings. Not only can your hardware requirements be reduced by as much as 95%, but SafeNet’s automation processes saves hours of work for each cryptographic resource.

  • Simplified management and administration. Self-service and encryption “catalogs” mean that crypto expertise isn’t required for crypto rollouts anymore.

  • Fewer security gaps. Centralized crypto expertise results in security and encryption policies that are enforced consistently across the enterprise.

  • Simplified audit. Centralizing control and tamper-proof audit logs saves time when proving governance, compliance and completing forensic analysis.

  • Fast rollout. Now an enterprise can implement encryption in a new application in minutes, not hours.

  • Proven: Built on the market leading SafeNet Luna SA HSMs which currently provide protection for over $1 trillion in daily financial transactions.

view Innovations

Innovations in the Crypto Hypervisor

Cloud Data Protection Icon

As a leader in the security market, SafeNet is focused on bringing strong, innovative security solutions to next-generation environments like the cloud. The Crypto Hypervisor represents the culmination of years of research and development:

  • Crypto Command Center. With this management interface admins can manage hundreds of virtual HSMs and administrators can publish a list of on-demand catalog-based crypto resources for their users. This catalog is on a web page that is easy to navigate. The users are only offered services that they have permission to create.

  • Virtualized crypto hardware. The Crypto Hypervisor abstracts HSMs into many dynamic crypto resources that maintain access controls and user experience as if each resource were a dedicated physical HSM. The Crypto Hypervisor supports a multi-tenant environment in which many organizations can leverage the same hardware without fear of keys being lost or stolen by other tenants. Even the admins can’t access the users’ keys.

  • Host Trust Links (HTL). Technology securely binds virtual applications to dynamic crypto resources—so the encryption service moves with the virtual machine, preventing many types of attacks and unauthorized cloning.

  • Separation of roles and responsibilities in multi-tenant environments. Users maintain access to their key material while the central authority sets overall security policies.

Cloud Ready Crypto Hypervisor
view Resources

Crypto Hypervisor Resources

   White Paper - Intro Crypto Command Center HSM Provisioning Cloud

White Paper - Intro Crypto Command Center HSM Provisioning Cloud

The Crypto Hypervisor is the first solution that virtualizes hardware-based cryptographic modules into consumable, elastic, and isolated cryptographic resources for use by virtual applications in need of encryption. A fundamental component of the Crypto Hypervisor is the Crypto Command Center, which provides the capability to define, manage, and deploy cryptographic resources on an as-required basis.

Product Brief - Luna SA

Product Brief - Luna SA

Luna SA is the choice for enterprises requiring strong cryptographic security for paper-to-digital initiatives, digital signatures, DNSSEC, hardware key storage, transactional acceleration, certificate signing, code or document signing, bulk key generation, data encryption, and more.

White Paper - Securing Luna HSM Connections in Virtual Environments

White Paper - Securing Luna HSM Connections in Virtual Environments

The sense of safety that many enterprises had, based on their physical security measures, is being eroded since the data and services are no longer guaranteed to be physically secure. This paper explores the virtual security measures companies need to take, including how to properly secure Luna hardware security modules' connections.

View All Resources Here

view Overview
Recent Blog Posts -The Art of Data Protection

As we discussed in part 3 and 4 of this series, encryption is only the first step to securing your data. If an organization doesn’t take the time to properly secure the keys, all of that encryption could be rendered … Read More >>

While two-factor authentication for secure remote access to corporate networks (VPNs) has become a ‘bare necessity’ for most organizations today, a good VPN strategy can offer new opportunities for IT ecosystem expansion. With 20% of the global workforce telecommuting at … Read More >>

visit blog
CTA - Crypto Command Center WP
CTA - 451 Research Report - AWS SKMS

What People Are Saying