Pat Townsend Now Shipping Encryption Key Software
March 2, 2010 Alex Woodie
After announcing the product over a year ago and shipping it to OEM customers last summer, Pat Townsend Security Solutions is finally ready to begin delivery of Alliance Key Manager to customers directly, the vendor announced last week.
Alliance Key Manager, which was first unveiled in December 2008, is designed to provide a secure central repository for creating, managing, importing, exporting, and destroying symmetric encryption keys that organizations use across their enterprise.
The offering, which is a System x rack server running a hardened version of Linux, ships with libraries that allow it to store and supply encryption keys for all major platforms, including Windows, Unix, Linux, i/OS, and z/OS. The offering does not require agents to be installed or managed on host platforms.
The new product generates three sizes of AES encryption keys–128-bit, 192-bit, and 256-bit–and can also generate keys for Blowfish, Twofish, and other encryption key algorithms, according to PTSS. A pseudorandom number generator called CSPRNG is used to generate encryption keys, which are stored in a secure database, PTSS says. The keys themselves are encrypted twice, and protected with SHA-256 hash verification to prevent key corruption and key substitution, according to the vendor.
Alliance Key Manager keeps tracks of keys according to a user-friendly name given to the keys by the administrator. The administrator can rotate keys manually, or assign the task to the software. Similarly, administrators can make keys expire automatically, or keep them around forever. The software automatically handles the versioning of the keys as well.
PTSS includes other handy features that ease the administrative burden of managing encryption keys. For starters, keys can be regulated so that only certain users or groups of users have access to the keys, and thus to data. The product also supports mirroring and back up capabilities (over encrypted connections, of course) that allow customers to retrieve keys on a second Alliance Key Manager appliance, providing a way to retrieve keys in the event of a disaster.
Last but not least, Alliance Key Manager keeps a log of all activities, providing auditors with a way to piece together key requests and other sensitive activities that could impact an organization’s compliance with PCI, HIPAA, GLBA, and other regulations. Integration with security information event management (SIEM) systems also helps administrators keep an eye on unauthorized breaches.
Alliance Key Manager holds several certifications from the National Institution of Standards in Technology, including AES (all key sizes and modes), SHA, RNG, and FIPS-140-2 Level 1. The product is still in the process of getting the coveted FIPS 140-2 certification.
Even the most careful companies lose data, says Patrick Townsend, the founder and CTO of PTSS. “When you accept that data loss is inevitable, it becomes obvious that strong data protection and proper key management are central to your data security practices,” Townsend states in a press release. “We know that even if you’re encrypting sensitive data, that data is only as secure as the encryption keys. That’s precisely why we built the Alliance Key Manager solution.”
Pricing for Alliance Key Manager was not immediately available. For more information, visit the company’s Web site at www.patownsend.com.