SENSITIVE DATA PROTECTION SOLUTION

DuoKey for AWS

We have developed for you the most powerful double key encryption (DKE) systems and advanced key management solutions for unparalleled data protection across the cloud and hosted applications.

Our products are designed to take cloud security beyond industry standards, guaranteeing no one can access your critical data without authorization.

Schedule a demo
encrypt
document protected everyday with double key encryption
Protect
Protect your document in transit and at rest
track
check who opened and has access to your sensitive information

Save your sensitive AWS S3 bucket
using our client-side encryption SDK.

With DuoKey for AWS S3, our plugin works by keeping a master key inside the MPC node and using this to derive a unique key for each object in a bucket. The software running on the client will have access to these object-specific keys, but never the master key which never leaves the MPC node

 

Built with Security and Privacy in mind

Client-side encryption is the act of encrypting data before sending it to Amazon S3. To enable the client-side encryption, DuoKey generates a CMK within your application on client-side, AWS has no access to any encryption keys.

Data encryption

To access the content you must have the CMK generated using DuoKey MPC. The customer key is managed using our DKMAAS with MPC.

Prevent data-leakage

Experts agree that end-to-end encryption can reduce the risk of unauthorized data access and meet certain compliance and data residency requirements. DuoKey takes a complementary approach to encryption, both using encryption keys controlled by the customer and performing the encryption at the endpoint.

Client-Side Encryption

Client-side encryption is the act of encrypting data before sending it to Amazon S3. To enable client-side encryption, DuoKey generates a master key that you store within your application. AWS cannot access your keys.

SECURITY AND PRIVACY FIRST

Highly secure, always keep your sensitive data private

Since one key is always in your control, AWS never has access to your data. When uploading an object — You provide a client-side master key to the Amazon S3 encryption client. The client uses the master key only to encrypt the data encryption key that it generates randomly.

  • Always client-side encryption is performed
  • No third-party can ever access your data
  • Monitor who uses your keys
  • Dedicated tenant and vault for storing your keys
keep your sensitive data private
Granular Access Control Equals Robust Security
SECURITY-FIRST

Granular Access Control Equals Robust Security

Granular access control provides strong authentication and authorizes individuals to access only the information they are allowed to use and see.

DuoKey has resolved an operational headache for us by letting us managing all keys in one place

Senior Information Security Architect
Click here

See our supported Key Vault for storing your encryption keys

DuoKey for Office365 can leverage on industry vendors HSM like ATOS, Thales, Securosys and Entrust but also integrate our innovative MPC KmaaS powered by SEPIOR MPC

Key Vault for storing your encryption
Securosys for Encryption
Sepior Logo Medblue
ATOS logo - Data Security Services
Amazon Web services
Fortanix for Data Security and encryptions
See All integrations