IT Solution Provider Helps Customer Protect vSphere and vSAN Encryption Keys with Alliance Key Manager for VMWare
“As our customers face new and evolving compliance regulations that require them to encrypt private data, we needed a partner that could provide easy and affordable encryption key management for VMware.”
- Kushal Sukhija, Technical Director
With over 15 years of experience and 300+ happy clients, Indus Systems offers solutions in:
- Business Continuity
- Core Infrastructure
- Network & Security
- User Devices
- Professional Services
The Challenge: vSphere / vSAN Encryption Key Management
Based in India, Indus Systems is increasingly finding their financial customers concerned with meeting the Securities and Exchange Board of India (SEBI) requirements for protecting private information. According to the SEBI framework, which came into force on April 1, 2019, “Critical data must be identified and encrypted in motion and at rest by using strong encryption methods.”
With SEBI’s new cyber security framework, JM Financial Asset Management Ltd turned to Indus Systems for guidance on how to better protect their data. JM Financial Asset Management Ltd, an Indus Systems customer of 10 years, were due for a technology refresh. As part of the project, the company would rely heavily on VMware and protecting private data with vSphere and vSAN encryption.
Knowing that for encryption to be truly effective it needs to be coupled with encryption key management, Indus Systems and JM Financial Asset Management Ltd visited VMware’s Solution Exchange in search of a VMware Ready key management solution.
Alliance Key Manager for VMware
“After visiting VMware’s Solution Exchange and finding Townsend Security’s Alliance Key Manager as a VMware Ready solution that had been certified by VMware for use with vSphere and vSAN encryption, we knew that we could easily help customers like JM Financial Asset Management Ltd meet SEBI’s encryption requirements,” said Kushal Sukhija, Technical Director, Indus Systems.
With Alliance Key Manager for VMware, organizations can centrally manage their encryption keys with an affordable FIPS 140-2 compliant encryption key manager. Further, they can use native vSphere and vSAN encryption - agentless - to protect VMware images and digital assets at no additional cost. VMware customers can deploy multiple, redundant key servers as a part of the KMS Cluster configuration for maximum resilience and high availability.
“Alliance Key Manager proved to be an affordable and easy to deploy solution that we will be able to offer our customers beyond JM Financial Asset Management Ltd,” continued Sukhija. “Further, as part of our due diligence, we started
a Proof of Concept (POC) with another key management vendor as well. After getting halfway through the project, we could quickly see that their solution was getting complicated and expensive - something that we could not recommend and deploy for our customers.”
By deploying Alliance Key Manager for VMware, Indus Systems was able to meet their organization’s and client’s needs to protect private data at rest in VMware.
Integration with VMware
“VMware’s native vSphere and vSAN encryption make it easy to protect VMware images and digital assets. With Townsend Security’s Alliance Key Manager, we were able to protect our data with no additional agents or additional costs as JM Financial Asset Management Ltd scales their IT infrastructure,” said Sukhija. With a low total cost of ownership, Alliance Key Manager customers can leverage the built-in encryption engine in VMware enterprise, with no limits imposed to the number of servers or data that can be protected.
By achieving VMware Ready status with Alliance Key Manager, Townsend Security has been able to work with VMware to bring affordable encryption key management to VMware customers and the many databases and applications they run in VMware Enterprise. VMware Ready status signifies to customers that Alliance Key Manager for VMware can be deployed in production environments with confidence and can speed time to value within customer environments.