Alliance Key Manager end-of-life replacement
Migration path for end-of-life Alliance Key Manager Customers
Need an alternative to your Alliance Key Manager HSM?
Townsend Security has announced end-of-life for its range of Alliance Key Manager HSMs and virtual appliances as of 30th November 2023 and customers now need to find a replacement.
Using Alliance Key Manager or another HSM as an external secure key manager for database Transparent Data Encryption (TDE), now is a great time to consider a more flexible data protection solution that doesn’t lock you into a hardware-based solution.
Randtronics Data Privacy Manager (DPM) is a software suite that makes it easy for organisations to ‘protect everything’ with a single platform that provides:
- TDE protection for databases, servers and laptops
- Tokenization for field/column level data protection
- Enterprise key management
Using Alliance Key Manager to protect TDE keys?
customers using Alliance Key Manager to protect database TDE encryption keys, have the option with Randtronics DPM of:
a) minimum change: by retaining their current database TDE and having Randtronics DPM takeover function of providing external secure key management either in software or integrating with a wide range of multi-vendor HSMs if required
or alternatively
b) rationalizing and extending the scope of your encryption protection: by utilising Randtronics DPM to provide TDE protection for all of your databases, servers and laptops
Upgrade your legacy data protection environment
Alliance Key Manager customers can use Randtronics DPM to upgrade to a modern, flexible data privacy platform that makes it easy to implement data privacy best practices:
Typical use cases include:
- No-code TDE for any and all databases:
- Oracle, MS SQL Server, MySQL, Postgres, DB2, SAP Hana,
- any other database,
- agnostic to versions and editions
- No-code TDE for server-based file-stores and laptops
- No-code change Tokenization for MS-SQL Server and Oracle databases
- Column-level encryption and other field-level protections (FLP)
- No-code implementation available for MS-SQL Server and Oracle Database and flat files
- Low-code API protection for any field-level protection (FLP) for any application-database stored anywhere
Randtronics professional services can assist easily without any code or business process changes.
DPM modules - what's in the boxes
The Randtronics DPM product suite comprise three main modules.
Modules are designed to work standalone or together as an integrated solution tailored to meet your business needs:
- DPM easyCipher – Transparent Data Encryption
- DPM easyData – Tokenization
- DPM easyKey – Enterprise key management
Option 1 - retain your existing database TDE solution
Need a new key management solution to protect your database with minimum changes to your current TDE environment?
We recommend our DPM easyCipher module to perform the following functions:
a) Protection of database TDE encryption keys – ensuring root of trust is held separately from data
b) Extend protection to the entire DB server environment, including configuration files, log files and reports
c) Separation of duties, isolating the data privacy protection responsibility away from your DBA team, ensuring that log files cannot be altered.
Option 2 - replace your TDE solution
Alternatively, if you may wish modernize your legacy database TDE environment.
For a more streamlined approach, we suggest our DPM easyCipher module to perform the following functions:
a) Protection of entire Database Server environment protecting: database tables, configuration files, log files and reports
c) Separation of duties, isolating the data privacy protection responsibility away from your DBA team, ensuring that log files cannot be altered.
Hardware-based root-of-trust available if required
With the addition of our DPM easyKey module we provide easy-to-manage root-of-trust integration to HSM modules from multiple vendors:
- Flexibility to upgrade to High Assurance Key Management at the highest certified levels now or in the future
- Avoid lock-in to a single HSM vendor
- Rationalize your HSM fleet
- Transfer transaction burden to DPM software whilst still maintaining a hardware-protected root-of-trust
- Allows HSM root-of-trust to be consolidated for multiple encryption applications
Key Benefits
Replace your Townsend Security, Alliance Key Manager HSM with something better.
Solve your EOL hardware problem requirement with an easy to implement software alternative.
Give yourself the flexibility to upgrade your whole data protection environment at your own pace:
- Extensible, option to extend TDE protection to all databases, servers and laptops
- Future-proof, supports Tokenization and API level data protection
- Avoid lock-in to a HSM architecture, with the option to obtain hardware root-of-trust as and when required
- Reduce the need for specialty skills sets as Randtronics DPM runs on standard Windows/ Linux/ database operating environments (SOE)
- Simplify your data privacy compliance burden with centralized policy-based data protection that enforces access control and separation of duties and maintains a full audit trail.
Latest news and articles
Wide-ranging attacks against Barracuda appliances linked to China
This week the news broke that Mandiant (an incident response firm) attributed the recent cyberattack campaign targeting customers utilizing Barracuda’s Email Security Gateway to hackers
Goodbye, Tina Turner
Sad news this week that the Queen of Rock ‘n’ Roll has exited the stage. Many of us at the Randtronics team grew up hearing
Don’t take an Uber to the Big House
In a groundbreaking development, the ex-security chief of Uber has been convicted for his failure to disclose a significant data breach that occurred at the