CMK for SaaS Architects

What is CMK?

Customer Managed Keys is a cloud architecture that gives customers ownership of the encryption keys that protect some or all of their data stored in SaaS applications.

CMK has these characteristics:

  • Per-tenant encryption for some or all customer data.
  • Your customer (tenant) manages a master key or keys needed for decryption.
  • Your customer can independently monitor all data access.
  • Your customer can independently revoke access at any time.

CMK White Paper: 

What SaaS Architects Need to Know

CMK is known by many different names.  

  • EKM - Enterprise Key Management
  • BYOK - Bring Your Own Keys
  • CSK - Customer Supplied Keys
  • BYOE - Bring Your Own Encryption

IronCore Labs is a data privacy platform for controlling data in the cloud. SaaS businesses rely on IronCore Labs to add privacy-by-design into apps and to protect sensitive data. 

IronCore Labs offers a fast path to customer managed keys, unbypassable data controls and zero-trust end-to-end encryption. 

With IronCore Labs, you know who has access to your data, who has accessed it, when and from where. You have the control you need to revoke access at any time, regardless of where the data lives.

About IronCore Labs

“Buyers of cloud services and mobile devices should demand that providers offer the option of managing their own encryption keys.” 

- Gartner