TryTRY
BuyBUY
  • newsletter
  • contact
  • corporate
  • careers
Utimaco
de
TRYour free HSM simulator
BUYget a quote
  • home
  • solutions
  • products
  • services
  • blog
  • downloads
  • partners
  • company

Utimaco Portal

Here you will find everything you need as a partner and customerLogin required

  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • key management
      • Enterprise Key Management
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • key management
      • Enterprise Key Management
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research

Home / services / Key Exchange & Escrow Service (KEES™)

Key Exchange & Escrow Service (KEES™)

Key Exchange and Key Escrow Services (KEES™) is a service offering that helps you manage, migrate, and rotate your cryptographic keys  remotely. This service supports organizations with all aspects of the full key management lifecycle as well as offers full or partial key inventory escrow capability. KEES™ is a vital tool for your Cloud strategy implementation.

Utimaco services

On demand cloud services for HSMs & key management

Managing cryptographic keys is a challenge for most organizations. Many individuals that perform key management activities perform these on an ad hoc basis with little or no training. In most cases, every required function is an interruption to their normal full-time job responsibilities. Moreover, maintaining cryptographic keys necessitates substantial investment in hardware and supporting application technology that is used infrequently. This infrequent use necessitates regular and costly re-training. Key Exchange and Key Escrow Services (KEES™) gives you the opportunity to leverage our subject matter experts to carry out associated key management responsibilities including secure escrow and on-demand exchange capabilities for your organizations’ cryptographic key inventory.  KEES can even provide for remote management of your existing HSM infrastructure.

eKMS as a Service

With the expansion of encryption requirements for any enterprise today, the requirement to maintain a centralized key management utility or team is more necessary than ever before. Still, many organizations struggle to find and dedicate full-time subject matter experts and technologies to manage this growing requirement. KEES key exchange service closes this gap.

By utilizing the KEES eKMS as a Service offering, organizations benefit from our full-time and dedicated staff subject matter expertise for the purposes of key generation, key distribution, key rotation, key escrow, and compliance scope reduction.

eKMS as a Service will manage and perform the full key management lifecycle on your behalf.

HSM as a Service

While the vast majority of organization’s technical infrastructure is migrating to cloud-based services, HSM technology does not lend itself to this strategy quite so easily. The primary purpose of HSM technology is to ensure that cryptographic keys remain protected, not only in storage, but also while in use. Virtual solutions are software by definition, but HSMs are required to be hardware. Moreover, most HSM technology leverages proprietary APIs and rely on externally protected key stores.

The KEES platform is the ideal bridge between hardware requirements and the quest for virtual HSM technology. By leveraging cryptographically segregated relationship structures, the KEES platform extends a simple JSON schema RESTful API for remote access to a dedicated clients protected key store. Connections are supported over TLS 1.2. From there, the KEES platform translates the inbound RESTful API to different proprietary APIs for Utimaco and Atalla HSMs.

HSM as a Service eliminates the requirements of hardware management, offers dramatic compliance scope reduction, and utilizes full-time staff professionals to perform sensitive key management functions.

Remote HSM Management

The KEES Key Management Teams fully equipped to remotely manage your HSM infrastructure.  Leveraging the industry-first capabilities for remote HSM management of the Atalla Secure Configuration Assistant (SCA) and new technologies available on the AT1000, our team continues to evolve and adapt to remote technologies being performed by the PCI PIN Certified KEES™ Service, GEOBRIDGE can remotely manage any Atalla HSM environment.

From updating firmware, or adjusting configuration settings, any function organizations would ordinarily employ in their own data center, KEES can augment your staff with subject matter experts to manage this sensitive equipment. With required firmware updates being introduced to the marketplace with greater frequency than ever before, the reliance on a set of untrained volunteers within an organization is no longer a prudent course of action.

Key Escrow

Whether functioning for disaster recovery or legally mandated escrow requirements, any key that has been or is currently used for production purposes must be protected with the same security requirements as a production environment. Most organizations struggle to effectively maintain a full production key inventory, let alone have any degree of confidence in disaster recovery scenarios, that usually remain un-tested. KEES offers a full or partial key inventory escrow capability, fully protected under AES 256 Bit encryption.

Independent of disaster recovery considerations, maintaining a key escrow ensures that an organization is in control of its own keys, without being held captive by any specific manufacturer or technology.

Further, by leveraging a key escrow service, an organization can migrate keys to new wrapping formats such as TR-31, without interrupting production systems.

 

Need a tailor-made solution for an individual project? Get in touch at hsm@utimaco.com or fill in below contact form.

Stay on top of our news
Don’t miss out on any Utimaco updates

Subscribe to Utimaco Newsletter

We will keep you posted with news from Utimaco and the industries we protect, as well as information on upcoming events and webinars.

Subscribe now

Partners

CREA plus d.o.o. Safesoft Kft. PrimeKey Labs GmbH Envoy Data Corporation - Utimaco Hardware Security Modules Partner PKI Solutions Inc. Primekey Solutions AB Nexus - Utimaco Hardware Security Modules Partner MTG - Utimaco Hardware Security Modules Partner intarsys AG CEGA Security MIcrosec MALKOM D.Malińska i Wspólnicy s.j. SecureMetric Technology Sdn. Bhd. Perceptus-sp.-z-o.-o. E-Sign S.A. ESYSCO Sp. z o.o. Fortiedge Pte Ltd. Compumatica secure networks B.V. Encryption Consulting LLC Utimaco HSM - PTESA_profesionales en transacciones electronicas JJNet International Co., Limited - Utimaco Hardware Security Modules Partner Cyber Armor Pte Ltd cv cryptovision GmbH Komar Consulting Inc. - Utimaco Hardware Security Modules Partner Real security d.o.o. Skytech Computing Solutions Limited. - Utimaco Hardware Security Modules Partner Synergy Computers (Pvt.) Ltd. - Utimaco Hardware Security Modules Partner Cogito Group Pty Ltd EUROPEAN DYNAMICS SA. Utimaco HSM - QuintessenceLabs Clearkey Consulting - Utimaco Hardware Security Modules Partner Thomas-Krenn.AG CertiSur S.A. Baas Control s.r.o. Altacom UAB CREAplus Italia S.r.l IQuantics Corp Cryptomathic Inc. Fornetix - Utimaco Hardware Security Modules Partner Telegrupp AS PETA (Thailand) Co., Ltd. VAR Group SpA - Utimaco Hardware Security Modules Partner Utimaco HSM - InfoGuard Swiss Cyber Security AKEA S.A. - Utimaco Hardware Security Modules Partner Abrantix AG Nexus Technology GmbH Macroseguridad Secure Source Distribution (M) Sdn Bhd - Utimaco Hardware Security Modules Partner Compumatica secure networks GmbH Versasec Ascertia - Utimaco Hardware Security Modules Partner Nexus - Utimaco Hardware Security Modules Partner Throughwave (Thailand) Co.,Ltd - Utimaco Hardware Security Modules Partner Cryptomathic GmbH Rohde & Schwarz Cybersecurity GmbH Microexpert Limited Astel (UK) Ltd. - Utimaco Hardware Security Modules Partner Cryptomathic A/S Softline Solutions GmbH CewTec S.A.
Find a partner

Share this page

EMEA

Utimaco IS GmbH
Germanusstraße 4
52080 Aachen
Germany
Phone: + 49 241 1696 200

Americas

Utimaco Inc.
900 E Hamilton Ave., Suite 400
Campbell, CA 95008
USA
Phone: +1 844 UTIMACO

APAC

Utimaco IS Pte Limited
80 Raffles Place,
#32-01, UOB Plaza
Singapore 048624
Phone: +65 6622 5347

Utimaco

  • support
  • corporate
  • careers
  • legal
  • terms & conditions
  • privacy
  • cookie-policy
© 2021
to top
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • key management
      • Enterprise Key Management
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research