We are pleased to announce the release of SafeNet Data Protection On Demand Version (DPoD) 1.7. This release makes it easier than ever before to migrate from alternate Cloud HSM vendors such as AWS, and to integrate with a variety of technology partners including CyberArk and Microsoft.
For current AWS Cloud HSM Classic (Luna) customers, we now offer a Key Migration Guide for AWS. This guide explains in simple terms how to transfer key material from an Amazon Web Services (AWS) Cloud HSM Classic to a DPoD HSM on Demand service.
We are also excited to announce 5 new integration tiles in our expanding portfolio of HSM on Demand services:
- HSM on Demand for CyberArk Digital Vault
- HSM on Demand for Java Code Signer
- HSM on Demand for Microsoft ADCS
- HSM on Demand for Microsoft Authenticode
- HSM on Demand for Microsoft SQL Server
HSM on Demand for CyberArk Digital Vault provides a root of trust for CyberArk Digital Vault’s top-level encryption key in an HSM. By generating the server key using HSM-based entropy, HSM on Demand provides secure key storage. Click here for the integration guide.
HSM on Demand for Java Code Signer performs cryptographic sign operations on Java artifacts using an encryption key generated on an HSM. Security is significantly enhanced by generating signing keys and certificates using HSM entropy and Java code signing crypto operations are performed inside the HSM on Demand Service. Click here for the integration guide.
HSM on Demand for Microsoft ADCS provides a root of trust for Microsoft Root Certificate Authority (CA) signing key in an HSM. This enforces hardened boundaries for the CA’s root cryptographic signing key, which is used to sign the public keys of certificate holders. By providing the root of trust for the CA’s public key Microsoft’s security is bolstered for example when configuring applications servers hosting Microsoft ADCS in dispersed data centers. Click here for the integration guide and video tutorial.
HSM on Demand for Microsoft Authenticode generates and secures Microsoft Authenticode certificates on an HSM and by doing so, provides hardened boundaries for Microsoft Authenticode digital certificates. Click here for the integration guide.
HSM on Demand for Microsoft SQL Server enables Microsoft SQL Server cryptographic operations on an HSM. The HSM provides root of trust for storage of keys used in Microsoft SQL so that encryption keys do not reside with encryption data. Data can be encrypted by using encryption keys that only the database user has access to on in the HSM on Demand service and cryptographic operations such as key creation, encryption, decryption, etc. can be offloaded to the HSM. Click here for the integration guide.
All the current integration guides can be found here.
The latest release also includes multi-factor authentication (MFA) support, allowing DPoD users to employ a mobile application which generates one-time password. Currently DPoD supports a number of authenticators including Google Authenticator, Authy and 1Password but we are working closely with the Gemalto Identity and Access Management teams to integrate Gemalto’s solutions into upcoming releases. As part of our efforts to continuously enhance security, you are required to log in using multi-factor authentication using an authentication application on a mobile device. MFA increases user account security by requiring users to configure an MFA token linked to their DPoD user account that generates unique 6-digit time-based one time passwords (TOTP). We will inform you as soon as Gemalto’s STA and SAS solutions are integrated too. For more details, click here.
The recent release also includes our expanded platform capabilities for multi-tier distributor models. This additional tenant management tier in the DPoD platform enables us to better support distributors, and/or service providers who manage their own channels or Virtual Service Providers. As we focus our efforts on building our MSP/MSSP channel, this capability adds more commercial channel layers to DPoD, and enables us to expand our go to market. This will be further enhanced in upcoming releases as we expand capabilities including a service provider hosted onboarding, with their own dedicated registration forms and automated registration processes, as well as white labeling options. With a smoother onboarding process than ever before, we encourage you to sign up now for a free evaluation here. For additional details about this and other release features, please refer to the DPoD 1.7 Customer Release Notes.
As part of our commitment to offering services and resources that enable our customers to meet local and international governance and compliance needs, we are pleased to announce that DPoD has now achieved the internationally recognized ISO 27001 and SOC 2 certification. This provides customers with the confidence of using a service that has undergone a thorough independent review and comprehensive audit.
For more information, visit the SafeNet Data Protection On Demand website and sign up now for a free evaluation.
For all questions about SafeNet Data Protection On Demand, please email us at dpondemand@gemalto.com.
