Key Management and Payments Security Blog - Thales e-Security

Data Security and Key Management - Thales e-Security

  • Multi-Cloud Key Management: Service and Deployment Options

    By | April 24, 2017

    By Adrian Lane, (guest author)

    This blog first appeared on Securosis (

    This post will discuss how to deploy encryption keys into a third-party cloud service. We illustrate the deployment options, along with the components of a solution. We will then walk through the process of getting a key from your on-premise Hardware Security Module (HSM) into a cloud HSM. We will discuss variations on using cloud-based HSM for all encryption operations, as well as cases where you instead delegate encryption operations to the cloud-native encryption service. We’ll close out with a discussion of software-based (non-HSM) key management systems running on IaaS cloud services.

    Continue Reading
  • Encryption Everywhere

    By | April 20, 2017

    There’s something satisfying about having empirical evidence confirm what you see every day. This year’s Global Encryption Trends Study reveals that encryption has come a long way since the days when it was governments and banks that cared most about it. Today, encryption is a core element of the data security strategy for all types of organizations, and the results of this year’s survey bear that out. Encryption – with a sound key management approach underpinning it – can protect your data when the other lines of defense around it break down. And as my colleague Cindy Provin noted in her recent blog post, its importance is appreciated all the way up to corporate boardrooms across the globe.

    Continue Reading
  • Why your business is missing a trick by failing to prepare for the GDPR

    By | April 19, 2017

    Brexit has certainly raised many questions with business leaders, but none more so than around the impending EU General Data Protection Regulation (GDPR). In fact, I recently read that one in four businesses have cancelled all preparations for the GDPR as they mistakenly believe the rules will no longer apply in the wake of the triggering of Article 50 last month. What’s more, and perhaps even more worryingly, nearly half (48%) have not even begun to prepare for the changing regulations, which come into effect next year.

    Continue Reading
  • Encryption becomes a boardroom matter

    By | April 13, 2017

    When it comes to matters of encryption, you wouldn’t be alone in thinking they reside solely within the confines of an organization’s IT team. In fact, for the past 12 years, our Global Encryption Trends Reports have shown that the IT operations function has consistently been the most influential in framing an organization’s encryption strategy.

    Continue Reading
  • All ‘Go’ for Thales’s Open Source project

    By | April 12, 2017

    Thales has recently embarked on its first fully Open Source project, enabling organisations using cloud-related tools to leverage our hardware security modules (HSMs) for protection.

    Continue Reading
  • Multi-Cloud Key Management (New Series)

    By | April 11, 2017

    By Adrian Lane ( (guest author)

    This blog first appeared on Securosis (

    Running IT systems atop public cloud services is a reality for most companies. Just about every company uses Software-as-a-Service to some degree, with many having already migrated back office systems like email, collaboration, file storage and customer relationship management software. But now we are also witnessing the core of the data center – financial systems, databases, supply chain and enterprise resource planning software – moved to public Platform and Infrastructure ‘as-a-Service’ (PaaS, IaaS) providers. It’s common for medium and large enterprises to run SaaS, PaaS and IaaS from different providers, in parallel with on-premise systems. Some small firms we speak with no longer have a data-center, with all of their applications hosted by third parties.

    Continue Reading
  • The Evolution of Encryption

    By | April 04, 2017

    The roots of encryption go deep into human history. Encryption has been used for centuries to encode messages, usually to keep government secrets, but also to protect business or trade secrets such as the formula to make silk or pottery. Early encryption was fairly simplistic, largely relying on paper and pencil techniques like steganography, transposition and substitution. In the last century, encryption methods have advanced at a rapid clip, first by leveraging automation and the use of machinery and then by employing advanced mathematics and powerful computers.

    Continue Reading
  • Securing the Mobile Payment Revolution

    By | April 04, 2017

    On April 3, 1973, Motorola employee Martin Cooper made the first mobile phone call. Cooper used the opportunity to call Joel Engel, a competitor at AT&T, to tell him he had an operational mobile phone. Without knowing it, Cooper set events into motion that would change the world forever.

    Since the time of Cooper’s first call, there has been an explosion of innovation in mobile technologies. One of the most significant innovations came on Jan. 9, 2007 when Apple announced the first generation of the iPhone. In his address, Steve Jobs very accurately noted that “today, Apple is going to reinvent the phone.”

    Continue Reading
  • Security and Trust Fundamental to Unlocking the Power of Data

    By | March 31, 2017

    The first payments and data event in the UK, Unlocking the Power of Data: The future of smarter payments provided a wealth of new thinking and insight. It explored how trusted third parties could offer consumers a much broader and innovative range of payment and account information services than they have today through their high street bank. You may be surprised to hear that all of this is being actively encouraged by HM Treasury and the financial regulator who were among the presenters and panelists at the event!

    Continue Reading
  • Blockchain: From Cyberpayments to Distributed Ledger

    By | March 30, 2017

    In the short period that blockchain has been around, the distributed ledger technology has spread from cybercurrency to a wide number of applications in the financial industry. Cost savings, faster transactions, and improved data security are just a few of blockchain’s redeeming qualities.

    Today, many top technologists, investors and bankers are appreciating blockchain technology’s ability to transform the way people and businesses transmit value and establish trust. In fact, there isn’t a business or organization these days that doesn’t have highly sensitive information that requires robust security measures. Lucky for us, behind each blockchain is enhanced cryptography used to protect the data from hacker fraud.

    Continue Reading
View more

About this blog

Welcome to our new merged blog site, featuring key management and payments security focused content previously hosted on and

As companies look to protect their customer data and other sensitive information, encryption is being deployed more widely. Yet if an encryption key is lost then that data cannot be recovered. Avoiding this problem demands formalized processes and robust technologies for key management making the protection, management and secure use of cryptographic keys a fundamental component of modern IT security.

Thales has been applying data protection and key management expertise to the worldwide payments industry for over 25 years. Our solutions secure retail and corporate banking, integrate with all widely used credit/debit applications, and include the world's best-selling EMV data preparation system and complete PIN management for card issuers.

Powered by GlobalLink OneLink Software