Securely manage and safeguard data encryption keys throughout the key lifecycle, from a single location with full control
Manage the entire key lifecycle
With IBM® Key Protect for IBM Cloud®, offered in Dedicated and Standard tiers, you can centrally provision, manage and govern encryption keys for applications across IBM Cloud. This gives you a single place to oversee data encryption and administer every stage of the key lifecycle.
Fully control and strengthen your key management practices by securely importing symmetric keys from your internal key management infrastructure into IBM Cloud.
Built-in hardware-rooted security with 140-2 Level 3 (Standard) and 140-3 Level 4 (Dedicated - under NIST certification) HSMs for key protection.
Leverage integrated robust telemetry to monitor user and application activities with IBM Cloud Activity Tracker ad IBM Cloud Logs.
Track subscription and credit spending for all accounts from a single view.
Deployment tiers
Standard
Multi-tenant for shared cloud efficiency with Bring Your Own Key (BYOK) flexibility
Dedicated
Single-tenant with Keep Your Own Key (KYOK) for exclusive control and a dedicated environment
IBM Key Protect now directly offers the ability to create adapters for Key Management Interoperability Protocol (KMIP) for use with VMware and upload certificates for secure communication.
Use a root key to encrypt and decrypt the keys that protect your data.
Apps can integrate with Key Protect APIs, SDKs and Terraform.
Keys are encrypted in use, at rest and in transit for full protection.
Generate, store, retrieve and manage keys independent of application logic.