Hewlett Packard Enterprise ESKM 4.0

ESKM 4.0 single node server <b>Enterprise data protection</b>

<b>Protecting sensitive information with data encryption</b>
Organizations across all industry and public sectors are increasingly challenged to protect their sensitive information (cardholder data, patient records, personal identifying information, and intellectual property) from threats like unauthorized insider access, accidental disclosure, and theft by a range of hostile outsiders. Auditors, regulators, and industry compliance mandates often require encryption of sensitive data-at-rest as a minimum standard of care and security best practice. When sensitive data at rest is encrypted, the risks of audit failures, financial losses, and damage to an organization’s reputation are significantly reduced.

<b>Key management is essential</b>
When encryption is used to protect data at rest, strong key management practices with policy enforcement are needed to manage, protect, serve, and preserve underlying encryption keys over the life of the data. If keys are compromised, data is compromised. If keys are lost, data is lost and business continuity is impacted. Finally, if an organization cannot prove that data and keys were managed and protected under stated policies, it may fail compliance audits.

<b>Product overview</b>
HP Enterprise Secure Key Manager (ESKM) provides a complete solution for unifying and automating an organization’s encryption controls by securely creating, protecting, serving, controlling, and auditing access to encryption keys. ESKM now supports the OASIS Key Management Interoperability Protocol (KMIP) version 1.0, 1.1, and 1.2 clients, enabling the broadest range of data protection products, partners, and solutions. A client-side Software Developer Kit (SDK) is also available to HP Partners and customers to enable native ESKM client integrations. ESKM is designed as a fully integrated solution: an independent lab-validated secure server appliance. Standard capabilities include high availability clustering and failover, secure key database, key generation and retrieval services, identity and access management for administrators and encryption devices, secure backup and recovery, a local Certificate Authority, and strong audit logging for compliance validation.