CipherTrust Manager - Practical Key Management in Banking

Man holding a blank card i front of the laptop

Published: 24 April 2023

Reading time: 3 minutes

There are many aspects of cybercrime and security breaches that can damage an unprepared organization. 

Some of the impacts can be:

 - Loss of customer confidence

 - Shareholders losing trust

 - Negative media exposure

 - and more

Although you cannot reduce to zero the chances of a cyber attack or security breach, you can reduce the surface area of your data that is exposed to attack. There are strategies that you can use to defend your organization.

In the financial and banking industry transactions taking place online obviously have a great need for efficient protection.  A major problem is the more users you have that require access to the secret key, the more difficult key management becomes. Some ancillary processes may be required for multiple clients to be able to access the same keys. The Hardware Security Module (HSM) is a highly advanced and secure storage device specifically for keys. At the end of the key lifecycle, the key must be retired, and a new key must replace it. HSM is a physical device that provides more secure management of sensitive data, such as keys, inside CipherTrust Manager.

CipherTrust Manager enables financial organizations to centrally manage encryption keys for Thales CipherTrust Data Security Platform and third-party products. It simplifies key lifecycle management tasks, including secure key generation, backup/restore, clustering, deactivation, and deletion.

CTM improves compliance & risk management, which is also documented in the review of Gartner by the Senior IT Security officer from Banking Industry.

Banner banking

The CipherTrust Data Security Manager allows administrators to specify data access policies, administer users and logical domains, generate usage reports, register new hosts, access security logs, manage third-party keys, digital certificates, and more. Moreover, as enterprises and service providers need data security management in concert with their other infrastructure, CipherTrust Manager also provides integration capabilities with multiple APIs and a command line interface as well as a simple graphical user interface (GUI) operation.

The CipherTrust Data Security Platform is an integrated suite of data-centric security products and solutions that unify data discovery, protection, and control in one platform.

Discover: An organization must be able to discover data wherever it resides and classify it. This data can be in many forms: files, databases, and big data and it can rest across storage on-premises, in clouds, and across back-ups. Data security and compliance start with finding exposed sensitive data before hackers and auditors. The CipherTrust Data Security Platform enables organizations to get complete visibility into sensitive data on-premises and in the cloud with efficient data discovery, classification, and risk analysis.

Protect: Once an organization knows where its sensitive data is, protective measures such as encryption or tokenization can be applied. For encryption and tokenization to successfully secure sensitive data, the cryptographic keys themselves must be secured, managed, and controlled by the organization. The CipherTrust Data Security Platform provides comprehensive data security capabilities, including file-level encryption with access controls, application-layer encryption, database encryption, static data masking, vault less tokenization with policy-based dynamic data masking and vaulted tokenization to support a wide range of data protection use cases.

Control: Finally, the organization needs to control access to its data and centralize key management. Every data security regulation and mandate requires organizations to be able to monitor, detect, control, and report on authorized and unauthorized access to data and encryption keys. The CipherTrust Data Security Platform delivers robust enterprise key management across multiple cloud service providers (CSP) and hybrid cloud environments to centrally manage encryption keys and configure security policies so organizations can control and protect sensitive data in the cloud, on-premise, and across hybrid environments.

CipherTrust 1

Cipher Trust Manager appliances can be deployed on-premises in physical or virtualized infrastructures and in public cloud environments to efficiently address compliance requirements, regulatory mandates and industry best practices for data security. Virtual appliances provide organizations with a scalable less expensive alternative to using a physical appliance.

Ask us for a personal demonstration!

To make this website run properly and to improve your experience, we use cookies. For more detailed information, please check our Cookie Policy.

  • Necessary cookies enable core functionality. The website cannot function properly without these cookies, and can only be disabled by changing your browser preferences.