nCipher plc., a global leader in protecting critical enterprise data, has been awarded a significant contract by a major New York-based global financial institution for its keyAuthority enterprise key management solution. Following selection through competitive tender, keyAuthority has been chosen to provide a common key management infrastructure serving the needs of multiple business areas and IT systems, as the use of encryption and other forms of cryptographic security expands across the company. This follows the announcement at the AGM on 25 May 2007 of the agreement of commercial terms.
Commenting on the contract, Alex van Someren, Chief Executive Officer, nCipher plc said, "Following demanding proof-of-concept trials, keyAuthority has been selected ahead of competing products for this prestigious contract win. Many organizations around the world are actively taking steps to protect critical and sensitive data, with encryption becoming the preferred method to enforce privacy policies.
"With more than ten years' specialist experience in the field of key management, the choice of keyAuthority by this important customer demonstrates the value of our innovative research and development process in creating preferred solutions for the most security-conscious companies in the world."
Enterprise key management is increasingly seen as an important way to address IT and compliance concerns in relation to data security. A recent survey of more than 100 large companies by the market research firm Taneja Group* reported that 54% of respondents plan to deploy key management systems within the next 12 months. To address this growing market keyAuthority centralizes the storage and administration of sensitive cryptographic key material which can then be automatically distributed on-demand to servers and applications anywhere across the extended global enterprise. keyAuthority replaces costly and error prone manual key management processes and avoids the complexity and inconsistency of using the native key management features of individual applications or devices. keyAuthority also provides capabilities to manage key archiving and can form the cornerstone of a broader, data centric security strategy to manage sensitive information within and beyond the enterprise.
Many key management deployments are initially focused on the need to manage encryption keys associated with storage systems. As tape back-up and storage systems increasingly utilize encryption techniques to ensure privacy, the secure archival and retrieval of keys, potentially over long periods of time, presents a new management challenge to avoid the risk of keys being lost and tapes being rendered useless. However, investment decisions often focus on more sophisticated capabilities that provide key mobility and automated key distribution that can form the cornerstone of a broader, data centric security strategy where sensitive data is protected throughout its life-cycle as it moves within and beyond the enterprise.
As an enterprise-wide management tool, keyAuthority is open, flexible and most importantly secure. In addition to managing keys on behalf of dedicated security devices such as encrypting tape drives, by utilizing open standards and common APIs, keyAuthority can perform key management tasks on behalf of both commercial and in-house software applications often without modification. Furthermore, KeyAuthority supports the management of symmetric keys as well as asymmetric key pairs and associated digital certificates whether used for encryption, strong authentication or digital signing applications. keyAuthority benefits from a secure and highly scalable architecture that utilizes FIPS-validated hardware platforms to provide tamper-resistant protection for all cryptographic processes and policy enforcement functions.
* The Growing Importance of Storage Security & Key Management in Large Enterprises - The Taneja Group April 2007