Circle
Events
Blog

Download Publication

Cloud Key Management System with External Origin Key
Cloud Key Management System with External Origin Key
Who it's for:
  • program and project managers
  • security architects
  • developers
  • compliance managers

Cloud Key Management System with External Origin Key

Release Date: 12/02/2021

Working Group: Cloud Key Management

The purpose of this document is to provide general guidance for choosing, planning, and deploying cloud-native key management systems (KMS) where there is a desire or requirement to import key material from an external source. The guidance will provide recommendations that address technical, operational, legal, regulatory, and financial aspects of leveraging a Cloud-Native KMS using EKO. The goal is to optimize business outcomes, including security, agility, cost, and compliance. 

Download this Resource

LoginCreate Account

Prefer to access this resource without an account? Download it now.

Acknowledgements

Paul Rich Headshot
Paul Rich
Executive Director, Data Management & Protection

Paul Rich

Executive Director, Data Management & Protection

Paul Rich is the executive director, data management and protection for JPMorgan Chase & Co., where he leads the strategy and implementation within the company for unstructured data protection both in the cloud and on-premises. He is the co-chair of the CSA Cloud Key Management Working Group, which he envisions as a means of hearing diverse perspectives on the use of cloud services and expectations for both data privacy and secu...

Read more

Michael Roza Headshot
Michael Roza
Risk, Audit, Control and Compliance Professional

Michael Roza

Risk, Audit, Control and Compliance Professional

Since 2012 Michael has contributed to over 75 CSA projects completed by CSA's Internet of Things, Blockchain/Distributed Ledger, Top Threats, Cloud Control Matrix, Software-Defined Perimeter, Applications, Containers, and Microservices, and other working groups. In, 2020 he also served as co-chair to CSA's Enterprise Architecture and Security-as-a-Service working groups while also serving as the Standards Liaison Officer for IoT, ICS, EA, S...

Read more

Mike Schrock Headshot
Mike Schrock
Senior Director Global Business Development – Cloud Strategy

Mike Schrock

Senior Director Global Business Development – Cloud Strategy

Mike Schrock joined Thales Group (formally Gemalto) in 2015 as the Senior Director, Business Development, managing Cloud Service Provider Strategy. Mr. Schrock is passionate about and has championed digital transformation for over twenty years in his technology alliance and executive management experience, particularly in the digital, cloud and network security, internet and mobile sectors. Prior to joining Gemalto, he held executive roles ...

Read more

Michael Born Headshot
Michael Born
Director, Security Consulting

Michael Born

Director, Security Consulting

Michael has worked in and around Information Technology and Information Security for over ten (10) years with the majority of his experience in Application Security and Penetration Testing. Michael is the author of Binary Analysis Cookbook by Packt Publishing, enjoys participating in local Information Security groups such as The Omaha Chapter of OWASP, DC402, and often contributes CTF challenges to Kernelcon in Omaha, NE. When n...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?