Trending...
- Spokane: Camp Sekani Update 7/9/26
- Spokane: Behavioral Health Unit Expansion
- Tacoma: Statement from At-Large Council Member Latasha Palmer and At-Large Council Member Olgy Diaz Regarding Stand-Alone Data Centers
SEATTLE--(BUSINESS WIRE)--The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released Cloud Key Management System with External Origin Key. Written by the Cloud Key Management Working Group to help organizations optimize such business outcomes as security, agility, cost, and compliance, the paper provides general guidance for choosing, planning, and deploying cloud-native key management systems (KMS) in cases where organizations either want to or must import key material (e.g., keys, vaults, secrets, policies) from an external source.
"A cloud service provider's KMS often has strong ties to its other cloud services, and this same cloud-native KMS using EKO can be used with a customer's on-premises technologies and cloud services from other providers. Unsurprisingly, integrating a cloud KMS with an organization's assets spanning traditional private data centers, as well as private and public cloud services in various geographic locations presents a host of challenges," said Paul Rich, co-chair of the Cloud Key Management Working Group and one of the paper's authors. "It's our hope that after reading this document, program and project managers who have been tasked with leading their organization through the selection, planning, and deployment stages of cloud-native KMS using EKO will be able map considerations to their organization."
More on Washingtoner
The guidance addresses the technical, operational, legal, regulatory, and financial aspects of leveraging a cloud-native KMS using external key origin (EKO) for each of the three stages of the lifecycle (choosing, planning, and deploying). Each aspect is broken down into further considerations and their accompanying justifications. Because cloud-native key management systems using EKO are relatively new, there isn't a large repository of best practices from which to draw. This guidance, therefore, combines best practices drawn from experience with traditional key management systems, cloud services in general, and cloud-native key management systems.
For further reading, Key Management in Cloud Services: Understanding Encryption's Desired Outcomes and Limitations provides the foundation for the choice of cloud KMS pattern and general guidance for using KMS whether the KMS is native to a cloud platform, external, self-operated, or yet another cloud service. Additionally, Recommendations for Adopting a Cloud-Native Key Management System provides more specific guidance for choosing, planning, and deploying cloud-native key management systems.
The Cloud Key Management Working Group aims to facilitate the standards for seamless integration between cloud service providers and key broker services. Those interested in participating in future research and initiatives involving cloud key management are invited to join the working group.
More on Washingtoner
Download Cloud Key Management System with External Origin Key now.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
Contacts
Media Contacts
Kristina Rundquist for the CSA
kristina@zagcommunications.com
"A cloud service provider's KMS often has strong ties to its other cloud services, and this same cloud-native KMS using EKO can be used with a customer's on-premises technologies and cloud services from other providers. Unsurprisingly, integrating a cloud KMS with an organization's assets spanning traditional private data centers, as well as private and public cloud services in various geographic locations presents a host of challenges," said Paul Rich, co-chair of the Cloud Key Management Working Group and one of the paper's authors. "It's our hope that after reading this document, program and project managers who have been tasked with leading their organization through the selection, planning, and deployment stages of cloud-native KMS using EKO will be able map considerations to their organization."
More on Washingtoner
- Appliance EMT Expands Built-In and Walk-In Refrigerator Service in Metro Atlanta
- LawProactive Launches SB 37-Compliant Attorney Marketing Software With Exclusive City Territories Across California
- Cogs and Marvel expands EMEA leadership team for next phase of growth
- Dave Freer's "Storm-Dragon" Wins First-Ever Prometheus Special Award For Young Adult Fiction
- T. Jones Group Celebrates Two Wins and Multiple Project Nominations at the 2026 HAVAN Awards
The guidance addresses the technical, operational, legal, regulatory, and financial aspects of leveraging a cloud-native KMS using external key origin (EKO) for each of the three stages of the lifecycle (choosing, planning, and deploying). Each aspect is broken down into further considerations and their accompanying justifications. Because cloud-native key management systems using EKO are relatively new, there isn't a large repository of best practices from which to draw. This guidance, therefore, combines best practices drawn from experience with traditional key management systems, cloud services in general, and cloud-native key management systems.
For further reading, Key Management in Cloud Services: Understanding Encryption's Desired Outcomes and Limitations provides the foundation for the choice of cloud KMS pattern and general guidance for using KMS whether the KMS is native to a cloud platform, external, self-operated, or yet another cloud service. Additionally, Recommendations for Adopting a Cloud-Native Key Management System provides more specific guidance for choosing, planning, and deploying cloud-native key management systems.
The Cloud Key Management Working Group aims to facilitate the standards for seamless integration between cloud service providers and key broker services. Those interested in participating in future research and initiatives involving cloud key management are invited to join the working group.
More on Washingtoner
- Spokane: Mayor Brown Joins 10th Bloomberg Harvard City Leadership Initiative Class to Strengthen Local Government and Advance Resident Priorities
- Studica Robotics Supports Robotics Training Camp for WorldSkills Shanghai 2026
- Lineus Medical Renews Agreement with Vizient, Delivering Enhanced Value for Vizient Members
- Qscription Technologies Appoints Radiology Industry Veteran Elliot Silverman to Advisory Board
- Search Is Broken. Curated Discovery Is the Future
Download Cloud Key Management System with External Origin Key now.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
Contacts
Media Contacts
Kristina Rundquist for the CSA
kristina@zagcommunications.com
0 Comments
Latest on Washingtoner
- City of Spokane, Catholic Charities Showcase Innovative Homeless Outreach Program at National Conference
- MD Marine Electric Announces Rebranding as MD Electric Group
- Sounds of LA County: 27 Parks.108 Concerts. One County
- Only One Flight Stands Between Los Angeles Youth Leaders and a Life-Saving Mission in South Africa
- Stigma Across Borders: Concerns Grow Over Discrimination Against Shincheonji Members Abroad
- Wu-Tang Made One Album for One Buyer. This Band Makes One Original Song for Every Fan
- Tacoma: Preparing the Bid Workshop on July 22
- World Cup Crowds Are a Stress Test for America's Restrooms
- Postmortem Pathology Expands Access to Private Autopsy Services in Las Vegas
- How Sacramento Families Are Using Private Autopsies to Protect Inheritances, Resolve Insurance Claims, and Find Closure
- Los Angeles' Best Food: Food Journal Magazine Examines the Trends Shaping the City's Dining Scene
- Spokane: SPD Make an Arrest in Connection with an Arson that Happened on June 9
- Landmark Construction Expands Glass, Glazing, and Commercial Remodeling Services Across Los Angeles County and Surrounding Areas
- Tacoma: Statement from At-Large Council Member Latasha Palmer and At-Large Council Member Olgy Diaz Regarding Stand-Alone Data Centers
- Tacoma: Homicide Investigation – 6900 Block of East D Street
- ENTOUCH Named Top 100 Inspiring Workplaces in North America for Third Consecutive Year
- Pulse Wave is where moments become movements
- Michigan's Plane Crash Data Points Away from Big Airports
- 2iG Solutions Launches MGA Insight, Bringing AI-Powered Business Intelligence to Managing General Agents
- A Better Way to Find a Real Estate Agent Is Coming Soon