Introduction

Thales Vormetric’s Data Security Manager (DSM) and Gemalto’s KeySecure product portfolios have been in the market for over a decade. Thales has developed many loyal customers following for the abilities surrounding key management and data encryption.

However, Thales has decided to progress forward to meet customer requirements for a hybrid operating environment/cloud environment and meet the technology advancements by combining the legacy SafeNet KeySecure and Vormetric DSM to generate a “best of breed” solution among the product lines called “Cipher Trust Manager (CTM).”

Encryption Consulting provides Services to ensure that the existing customers of Thales currently using SafeNet KeySecure and Vormetric DSM can migrate to Cipher Trust manager without any hustle

The Vormetric Cipher Trust Manager platform from Thales offers a proven alternative for KeySecure and Data Security Manager customers

Many challenges come with the end of the support date of a product for the customers. Below are the few common challenges:

  • Customers’ existing products may be out of compliance with regulatory mandates.
  • In the absence of security updates and patches, the customer might face increasing exposure to threats and risks, mainly targeting the unsupported Keysecure/DSM platform.
  • Developing a fruitful migration plan from the legacy product (Keysecure/DSM) to the advanced product (CTM).

Following are the high-level steps that Encryption Consulting will take to migrate from Gemalto SafeNet KeySecure or Vormetric DSM to Cipher Trust Manager:

  • Get the key stakeholders involved to understand and gather details on the current environment (using KeySeccure and Vormetric DSM), including recent product versions, existing use cases, etc.
  • Help customers developing the migration strategy, which includes the following approach at a high-level
    • Survey current customer use cases supported by the KeySecure/DSM portfolio.
    • Determine the number of physical/virtual appliances, HA groups, licenses in place, etc., on the deployed solution.
    • Determine the compatibility matrix of the existing appliances/applications with the desired version of Cipher Trust Manager (CTM).
    • Determine the migration timeline for the number of applications that need to be migrated from KeySecure/DSM to Cipher Trust Manager
    • Consider the impact of additional use cases being planned as part of the existing or proposed environment (e.g., customer planning to migrate to the cloud or undertake new use cases with the current solution).
    • Pick identified use cases from the customer and set up a lab environment to replicate the use cases.
    • Support customers replicate the same in their production/non-production environment.
    • Others
  • Assist customers in migrating from the current solution (KeySecure/DSM) to the Cipher Trust Manager (CTM).
  • Develop a runbook of the migration process and review the same with the primary stakeholders.

Below are a few of the benefits of migrating KeySecure/DSM to Cipher Trust Manager

  • Moving data to the Thales Cipher Trust Manager (CTM) will ensure that it meets the data protection space’s compliance and regulatory requirements.
  • The encryption Consulting team offers expertise in the data protection space such as encryption, tokenization, etc.
  • CTM will provide enhanced data protection capabilities.

Gemalto KeySecure, key management technology

This allows you to manage your encryption keys and ultimately own your data centrally.

Your sensitive data is safe from compromise regardless of where it is stored: in a database, file server, application, traditional or virtualized data center, or public cloud environment.

Gemalto KeySecure offers a hardware root of trust using SafeNet Luna Hardware Security Modules (HSMs), which supports a comprehensive encryption environment that includes both Gemalto and third-party devices.

KeySecure has announced the end-of-life (EOL) and end-of-sale (EOS)as outlined in its notification. The EOL announcements impact the following KeySecure Classic appliances:

  • Physical KeySecure K250, K450, K460 appliances
  • Virtual KeySecure V8.X, k150v 8.x, k450v 8.x, for AWS

Timeframe for End-of-Sale, End-of-support, and End-of-Life

  • 22-Apr-2020

    External EOS/EOL Announcement to Customers

    Date when customers will be informed about End-of-Life

  • END-OF-SALE (EOS) of Classic KeySecure

    Affected product SKU’s will be removed from the Sales Catalog. They cannot be sold after this date.

    30-Jun-2020
  • 31-Dec-2023

    END-OF-SUPPORT and END-OF-LIFE

    Last date that the affected products will be supported.

Vormetric DSM

The Vormetric Data Security Manager (DSM) is the central management point for all Vormetric Data Security Platform products. The DSM creates, stores, and manages data encryption keys and allows enterprises to control every aspect of their Vormetric data security platform implementation.

Administrators can use the Data Security Manager to define data access policies, manage DSM users and logical domains, generate usage reports, register new hosts, examine security logs, and manage third-party keys, digital certificates, and more.

Vormetric product line has announced the EOL, which impacted Vormetric products, including Vormteric DSM.

Following Vormetric DSM products are affected by the EOL announcement:

  • Physical Data Security Manager, V6000 and V6100 appliances
  • Virtual Data Security Manager appliances

Timeframe for End-of-Sale, End-of-support, and End-of-Life

  • 16-April-2021

    External EOL Announcement to Customers

    Customers informed about End-of-Life. Product moves to Maintenance Mode – only minor enhancements, security and bug fixes available from this date

  • Last Time Buy

    Affected product SKU’s cannot be sold after this date.

    30-June-2023
  • 30-June-2024

    END-OF-SUPPORT and END-OF-LIFE of Vormetric Data Security Manager and Vormetric Agents

    Affected products no longer supported.

Cipher Trust Manager

The CipherTrust Data Security Platform’s central management point is CipherTrust Manager. CipherTrust Manager is an enterprise key management solution that allows organizations to centrally manage encryption keys, provide granular access control, and define security policies.

It manages key lifecycle operations such as key generation, rotation, destruction, import, and export and provides role-based access control to keys and policies, robust auditing, and reporting and also has a developer-friendly REST API.

CipherTrust Manager works with FIPS 140-2 compliant Thales Luna or third-party Hardware Security Modules (HSMs) to securely store keys with the highest root of trust in virtual and physical appliances.

These appliances can be used to meet compliance requirements, regulatory mandates, and industry best practices for data security on-premises in physical or virtualized infrastructures, as well as in public cloud environments.

It is simple to define policies, identify and classify data, and secure sensitive data wherever it resides with the CipherTrust Data Security Platform products to a unified management console.

Encryption Consulting provided expert level encryption assessment services to our company, These guys really know their stuff and always conduct themselves professionally.

Industry: Payer

Sr Security Governance Analyst