AWS KMS has a feature called AWS XKS that allows secure communication with external encryption keys. This means that you hold your own key (HYOK). Using this solution, it’s possible to encrypt data with private external keys for many AWS services including Amazon EBS, AWS Lambda, Amazon S3, Amazon DynamoDB, and over 100 other services. It is possible to do this without requiring any modifications to the current configuration parameters or code used for these services.
Complior currently offers a KMS as a service based on Thales CipherTrust manager, protected by Thales HSM. This service is provided to our customers through secure data centers in Stockholm, Sweden.

Obtain digital sovereignty and meet compliance requirements

CipherTrust Cloud Key Manager (CCKM), which is a licensed component of the CipherTrust Manager, provides key generation, separation of duties, reporting, and key lifecycle management to assist in fulfilling internal and industry data protection mandates. It is FIPS 140-2 Level 3 certified.
This solution enables organizations to:

Learn more