Sepior Announces the Release of Microsoft Azure Cloud Storage Service Plugin for Encrypting Data Using Customer-Owned Keys
Sepior’s pure-cloud Key Management as a Service (KMaaS) gives Microsoft Azure Cloud Storage Service customers a best-in-class Bring Your Own Key (BYOK) solution
Aarhus, Denmark (November 13, 2017)
Sepior today announced the release of a plugin for customers of Microsoft’s Azure Cloud Storage Service to control their own encryption keys. Along with Sepior’s previously developed Amazon S3 plugin, the company’s KMaaS solution now supports the two leading public cloud platforms, protecting multi-vendor cloud storage environments.
Regulatory compliance and privacy protection for healthcare, financial service and retail transactions are increasing the need for encryption. In addition to strict guidelines found in HIPAA, SOX and PCI DSS, the coming European Union General Data Protection Regulation (GDPR) scheduled for 2018 levies heavy punitive fines on companies that suffer data breaches because of unsecured data. Security experts recommend BYOK for optimal security, ensuring client side master keys and unencrypted data are never sent to a public cloud, but key management can be a significant burden for many companies.
Sepior’s KMaaS is the only pure-cloud cryptographic key management system available as an economical consumable service that delivers end-to-end encryption and requires no trust in any single service provider. Sepior uses secure Multi- Party Computation (MPC) to realize a Distributed Security Module (similar in concept to a Hardware Security Module or HSM) based on threshold security optimized to run in the cloud. This design enables high-availability and fault-tolerance and scales from 3 to any large number of servers, and is delivered to the customer as a consumable cloud service.
Microsoft provides libraries in various languages to access data on the Azure Cloud Storage Service. Sepior’s plugin provides client-side encryption so that only encrypted data is ever sent to Azure Cloud Storage and encryption keys that are provisioned are never available to anyone other than the client during encryption and decryption operations. The Sepior plugin uses the .NET Azure Storage client library to supply cryptographic keys by acting as a Key Resolver to perform key operations.
Sepior’s Azure Storage Service plug-in is available immediately as a standard component of Sepior KMaaS.
Founded in 2014 as a spinout from the University of Aarhus in Denmark, Sepior develops key management solutions for encrypting data on the public cloud. Using patented cryptographic protocols, Sepior’s RSA award-winning team of cryptography experts have developed a practical virtual Key Management Service (KMS) using secure multi-party computation (MPC), a technique for splitting cryptographic keys between different providers that results in distributed trust. As the industry’s first true cloud-native KMS based on MPC, Sepior gives businesses full control over the encryption keys used by their SaaS-providers without relying on any single SaaS-provider, and at SaaS economics.
The company is partially funded by a grant from the European Union’s Horizon 2020 Research and Technology program.