Encryption & Key Management for Drupal

Encryption & Key Management for Drupal

Key Connection for Drupal Module

Drupal developers who need to protect sensitive data know that storing their encryption keys within the content management system (CMS) puts their data at risk for a breach.  With Key Connection for Drupal, administrators are now able to keep their encryption keys secure by storing them remotely and only using them when the encryption/decryption happens.

    Your Users Expect Their Data Is Protected
    Data breaches are not a matter of if, but when.  When it comes to protecting sensitive information and meeting security compliance regulations, we don’t believe anything should get in the way of offering your users the best data security tools available.


    Protect Private API Keys
    Proper key management is essential to securing critical API connections.  Private API keys are used very widely within Drupal by services like Amazon AWS, Authorize.net, PayPal, and MailChimp and stored in the clear.  If your site gets hacked, so does access to the services that you have integrated into your site.  

    Solving the Drupal Encryption Problem
    Within the Drupal CMS there is no secure method for managing your encryption keys without expensive, custom solutions.  Users who are currently encrypting sensitive data are storing the encryption key locally in either a file protected on the server, in the database, or in Drupal’s settings file.  None of these methods meet data security best practices or compliance regulations such as PCI DSS, HIPAA/HITECH, state privacy laws, etc.


    Who Needs Encryption and Key Management?
    Today almost every business must adhere to data security regulations set forth by industry standards groups.  Anyone who is using Drupal to collect and store sensitive data (personally identifiable information, work/school applications, e-commerce checkout process, etc.) needs to make sure this data is held safely.  Key Connection for Drupal keeps the encryption keys on a separate server from the data they protect, allowing administrators to line up with compliance and security best practices.


    Encryption and Key Management Simplified
    Complexity is usually the largest concern in integrating encryption services into any environment such as Drupal.  The Key Connection module provides a simple configuration UI to get connected quickly and effortlessly.  By installing the Key Connection module into Drupal, administrators can easily encrypt sensitive data and manage the encryption keys with a FIPS 140-2 compliant encryption key manager.


    NIST Compliant Encryption
    In addition to retrieving keys, the Key Connection module creates a NIST compliant encryption option by using on-board encryption on the Alliance Key Manager.  For organizations that need to meet compliance requirements, NIST compliant AES encryption and key management means you are provably meeting industry standards and best practices.


    An Affordable Encryption Key Manager
    With subscription and perpetual licensed options for the Alliance Key Manager server, we have an encryption key management solution to fit your budget.  Additionally, Alliance Key Manager is offered as physical hardware security module (HSM) in your data center, as a cloud HSM, or as a virtual appliance in the cloud.


    Module Integration
    Townsend Security recognizes the strength of community standards, which is why the Key Connection module is built upon Drupal’s Encrypt API. As an extension to this API, the Key Connection module provides Encrypt (and any other module in Drupal) with a universal ability to securely retrieve and use remote encryption keys.


    Additionally, Townsend Security is helping the community by helping sponsor a suite of modules that integrate with Key Connection and include: KeyEncrypt UserEncrypt Form APIEncrypted FilesField EncryptionEncrypt Password, and Webform Encrypt.


    Encryption & Key Management in Drupal


    Townsend Security has partnered with Cellar Door Media as the premier provider of encryption key management integration within Drupal. For more information on how they can help integrate encryption and key management into your next project, contact either Townsend Security or Cellar Door Media.

    Certifications and Validations

    NIST AES compliance (ECB and CBC modes of encryption)

    NIST SHA validation

    NIST RNG validation (x9.31)

    NIST HMAC validation

    NIST FIPS 140-2, level 1


    TLS authenticated secure communications

    GUI console for key management

    Secure web application for server management

    Key Sizes

    AES 128, 192, 256 bit symmetric keys

    RSA 1024,2048, 3072, 4096 bit asymmetric keys