Key Management Service (KMS) Overview

At Ennote, we believe that cryptographic security should be robust, flexible, and fully under your control. Our Key Management Service (KMS) architecture is designed to meet the diverse needs of modern enterprises, from providing a seamless, out-of-the-box solution to enabling full customer-managed key custody. We offer two distinct, powerful KMS options, allowing you to choose the security model that best aligns with your governance, compliance, and operational requirements.

Ennote’s Approach to Cryptographic Security

Ennote’s Internal Kyber Post-Quantum KMS (Default)

Our default KMS is a testament to Ennote's commitment to future-proofing your security posture. This is an internal, fully managed solution that requires no configuration on your part

Kyber Post-Quantum Cryptography:Our internal KMS is powered by the cutting-edge Kyber algorithm, providing a strong defense against both current and future cryptographic threats, including those posed by quantum computing.
Seamless Operation:All key management, rotation, and lifecycle operations are handled by Ennote. This offers a frictionless experience and is ideal for organizations that want to deploy a best-in-class security solution without the overhead of key management.
Zero-Trust by Design:While Ennote manages the keys, the system is architected on a zero-trust model, ensuring that only the cryptographic operations, not the keys themselves, are exposed to the application layer.

External Google Cloud KMS Integration (Customer-Managed)

For organizations with strict data sovereignty, compliance, or existing security policies, Ennote provides a seamless integration with external Key Management Services. Currently, we offer a dedicated integration with Google Cloud KMS.

Full Key Custody:This integration empowers you with complete control over your encryption keys. All cryptographic operations—encryption and decryption—are performed using a key you provision and manage within your own GCP environment.
Compliance and Governance:By leveraging your own KMS, you maintain auditable logs and can adhere to internal policies or regulatory requirements that mandate customer-managed keys.
Hybrid Cloud Strategy:The GCP KMS integration is perfect for a hybrid cloud model, allowing you to centralize your key management with other cloud security assets, while still benefiting from Ennote’s robust secret management platform.

Whether you choose our advanced Kyber-based internal KMS for ease of use and future-proof security, or opt for the full control of our GCP KMS integration, Ennote provides the foundational cryptographic security you need. This dual-option approach ensures that your secrets are always protected by a state-of-the-art key management solution that you have explicitly chosen and configured.

Need Help?

If you encounter any issues or have questions, don’t hesitate to contact support. Our team is here to assist you with any challenges you might face.