Managing SQL Server TDE and column-level encryption keys with Alliance Key Manager (hardware security module (HSM), VMware, Cloud HSM, or cloud instance) is the best way to ensure encrypted data remains secure. Key Connection for SQL Server stores encryption keys separately from the database server on a secure key manager to meet PCI-DSS, HIPAA/HITECH, GLBA/FFIEC, and other compliance requirements.
Features
Cost Effective Encryption Key Management
In addition to managing TDE and cell level encryption keys, Alliance Key Manager offers an on-board encryption service - the key never leaves the server. Further, Townsend Security enables customers to encrypt SQL Server databases—including Enterprise and Standard releases—as well as Oracle, IBM DB2/400, MySQL, MongoDB, and more.
Cost should not be a barrier to compliance. Our key management model is built to scale from a single server to a multi-server environment. Any organization can now deploy a cost-effective, comprehensive and certified solution to meet key management compliance requirements.
Meet Compliance Requirements
Meet encryption key management best practices with separation of duties and dual control. Store encryption keys separately from the encrypted data on your Microsoft SQL Server with a secure and compliant encryption key management solution. Enforce separation of duties and prevent administrators from having access to SQL Server data and the encryption keys to meet compliance standards.
Out of the Box Integration with Microsoft SQL Server
Townsend Security’s encryption key management solution connects effortlessly to the SQL database. It utilizes Microsoft’s (EKM) interface to support both Transparent Data Encryption (TDE) and column-Level encryption on Microsoft SQL Server Enterprise and Standard editions. Our Alliance Key Manager includes an unlimited license to use the Key Connection for SQL Server software. Key Connection for SQL Server is an Extensible Key Management (EKM) Provider that installs in your SQL Server environment to support both Transparent Data Encryption and Cell Level Encryption.
Automate Key Management Processes
Save time while addressing compliance requirements for key management. Automate all of your essential key management tasks including rotation, retrieval, and generation, for one server or many, in a central location.
Deployment & Training Services Are Included
Complexity is usually the largest concern in integrating encryption key management. Townsend Security has simplified the process. When businesses choose Alliance Key Manager, they not only receive industry leading encryption key management, but free deployment and security hardening services. Townsend Security’s services team will:
Install and initialize Alliance Key Manager (AKM) virtual image
TLS certificate management, download and expiration date tracking
Redundancy implementation of mirroring
Backup configuration support
Security log forwarding via Syslog
MFA activation
Installation and configuration of Admin Console for key lifecycle management
Key retrieval configuration including vSphere, SQL TDE, MongoDB TDE, etc...
Features
Benefits
Automatic integration with Microsoft SQL Server
Uses Microsoft Extensible Key Management (EKM) interface to support Transparent Data Encryption (TDE)
A secure and separate key manager stores encryption keys
Enforce dual control and separation of duties for compliance by storing encrypted data away from the encryption keys
Simplify key management tasks
Automate key rotation, retrieval, and generation in a central location
Watch How Easy it is to Set Up TDE and EKM on SQL Server
Specifications
Certifications and Validations
NIST AES compliance (ECB and CBC modes of encryption)