New Central Key Management System

30 May 01:02

Cryptomathic has launched a practical Key Management System that enables organisations to manage the life cycle of cryptographic keys using a standardised, central approach.

Designed to address the increasingly complex key management regulations of the financial sector, the Cryptomathic Key Management System (CKMS) removes the need to have key custodians present to manually install and regularly manage the life cycle of keys on devices. This enables instructions to be issued individually to key custodians and security managers, allowing them to control their keys independently online, working from their own desks, securely pushing keys into the correct position.

The uncomplicated process reduces human error while enabling keys to be updated more frequently without additional costs to a financial institute or its customers. The increased level of activity will strengthen security for banks at ATMs and similar transaction points.

Professor Peter Landrock, Executive Chairman of Cryptomathic, comments: Key Management Systems are often developed by system integrators as an afterthought when installing Hardware Security Modules, and we wanted to challenge this approach. Although key management is a discipline which requires strict user administration and enforced procedures, our aim was to create a good user experience with tools that manage the complexity, while presenting a simpler process.

As Cryptomathic is an independent and Hardware Security Module neutral security provider, the CKMS is compatible with all current industry standards, and the technology is interoperable with any operating system. Landrock continues: Most organisations use different technology suppliers to manage keys across their operations, and three or four different systems have usually been implemented. The CKMS brings all these elements together to present one standard user interface, significantly reducing the time taken to train staff and facilitating key management as part of someones daily activities, and not their entire job function.

Related links: (Open in a new window.)

Taken from Information Security Bulletin.