Cloud 101CircleEventsBlog
Get 50% off the Cloud Infrastructure Security training bundle with code 'unlock50advantage'

Download Publication

Recommendations for Adopting a Cloud-Native Key Management Service
Recommendations for Adopting a Cloud-Native Key Management Service
Who it's for:
  • Program and project managers
  • Business analysts
  • Cloud architects
  • Systems integrators
  • Cloud customers and developers
  • Security and compliance staff

Recommendations for Adopting a Cloud-Native Key Management Service

Release Date: 09/14/2021

Working Group: Cloud Key Management

Cloud-native key management services (KMS) offer organizations of any size and complexity a low-cost option for meeting their needs for key management, particularly for cloud services within the same provider. This document provides comprehensive guidance on choosing, planning, and deploying a cloud-native KMS. It focuses on how to optimize business outcomes such as agility, cost efficiency, and compliance. It also addresses the breadth of technical, legal, regulatory, and financial considerations vital for successful cloud KMS integration.

IT and business professionals will find this to be essential reading when implementing their cloud-based key management services. Professionals will learn how to leverage these services to enhance their security posture while maintaining compliance with industry standards.

Key Takeaways:
  • Detailed recommendations for selecting a cloud-native KMS
  • Step-by-step guidance on planning and deploying cloud-based key management systems
  • Technical considerations, including hardware security module backed keys and API functionality
  • Strategies for integrating a cloud KMS with existing IT infrastructure
  • Regulatory and legal implications of using cloud key management services
  • Financial considerations and cost management strategies for cloud KMS deployments
Download this Resource

Prefer to access this resource without an account? Download it now.

Bookmark
Share
View translations
Related resources
Key Management for Public Cloud Migration
Key Management for Public Cloud Migration
Map the Transaction Flows for Zero Trust
Map the Transaction Flows for Zero Trust
AI Risk Management: Thinking Beyond Regulatory Boundaries
AI Risk Management: Thinking Beyond Regulatory ...
Zero-Code Cloud: Building Secure, Automated Infrastructure Without Writing a Line
Zero-Code Cloud: Building Secure, Automated Infrastructure Without ...
Published: 12/16/2024
Break Glass Account Management Best Practices
Break Glass Account Management Best Practices
Published: 12/16/2024
Test Time Compute
Test Time Compute
Published: 12/13/2024
Level Up Your Cloud Security Skills With This Jam-Packed Training Bundle
Level Up Your Cloud Security Skills With This Jam-Packed Training B...
Published: 12/11/2024

Acknowledgements

Mike Schrock
Mike Schrock
Senior Director Global Business Development – Cloud Strategy

Mike Schrock

Senior Director Global Business Development – Cloud Strategy

Mike Schrock joined Thales Group (formally Gemalto) in 2015 as the Senior Director, Business Development, managing Cloud Service Provider Strategy. Mr. Schrock is passionate about and has championed digital transformation for over twenty years in his technology alliance and executive management experience, particularly in the digital, cloud and network security, internet and mobile sectors. Prior to joining Gemalto, he held executive roles ...

Read more

Michael Born
Michael Born
Director, Security Consulting

Michael Born

Director, Security Consulting

Michael has worked in and around Information Technology and Information Security for over ten (10) years with the majority of his experience in Application Security and Penetration Testing. Michael is the author of Binary Analysis Cookbook by Packt Publishing, enjoys participating in local Information Security groups such as The Omaha Chapter of OWASP, DC402, and often contributes CTF challenges to Kernelcon in Omaha, NE. When n...

Read more

Paul Rich
Paul Rich
Executive Director, Data Management & Protection

Paul Rich

Executive Director, Data Management & Protection

Paul Rich is the executive director, data management and protection for JPMorgan Chase & Co., where he leads the strategy and implementation within the company for unstructured data protection both in the cloud and on-premises. He is the co-chair of the CSA Cloud Key Management Working Group, which he envisions as a means of hearing diverse perspectives on the use of cloud services and expectations for both data privacy and secu...

Read more

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Since 2012, Michael Roza has been a pivotal member of the Cloud Security Alliance (CSA) family. He has contributed to over 125 projects, as a Lead Author or Author/Contributor and many more as a Reviewer/Editor.

Michael's extensive contributions encompass critical areas including Artificial Intelligence, Zero Trust/Software Defined Perimeter, Internet of Things, Top Threats, Cloud Control Matrix, DevSecOps, and Key Management. His lea...

Read more

Vani Murthy
Vani Murthy
Sr. Information Security Compliance Advisor, Akamai Technologies

Vani Murthy

Sr. Information Security Compliance Advisor, Akamai Technologies

Vani has 20+ years of IT experience in the areas such as Security, Risk, Compliance, Cloud services (IaaS/PaaS/SaaS) architecture

Read more

Marina Bregkou
Marina Bregkou
Senior Research Analyst, CSA EMEA

Marina Bregkou

Senior Research Analyst, CSA EMEA

Damian Crosby Headshot Missing
Damian Crosby

Damian Crosby

James Underwood
James Underwood
Senior Security Architect at Blackbaud, Inc

James Underwood

Senior Security Architect at Blackbaud, Inc

Abhishek Vyas
Abhishek Vyas
Head of Security Consultancy and Architecture

Abhishek Vyas

Head of Security Consultancy and Architecture

I have been working in Cybersecurity for over 10 years, and have been working on large scale multi-cloud programs in the Software and Finance industries over that period. I deliver business value through robust, scalable, fit for business cybersecurity, by establishing new ways of working to help the business to innovate. Challenging the status quo to help remove inertia, and ensuring that cybersecurity remains relevant and mea...

Read more

Jake Bernstein Headshot Missing
Jake Bernstein

Jake Bernstein

Michael Church Headshot Missing
Michael Church

Michael Church

Phil Cutforth Headshot Missing
Phil Cutforth

Phil Cutforth

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training