Bring Your Own Key (BYOK) Encryption

All customer data in DSV is encrypted at rest and in transit, using Delinea-managed keys in AWS Key Management Service (KMS). BYOK encryption allows you to encrypt your cloud product data with keys hosted in your own AWS account. With BYOK encryption, you have more control over the management of your keys. You can also revoke access at any time.

There are many benefits of BYOK encryption.

• Reduced risk: BYOK adds another layer of protection for sensitive data.
• Improved data governance: Access to encryption keys hosted in your AWS account can be logged and monitored via AWS CloudTrail.
• Increased control: You can revoke access to your encryption keys.

DSV's BYOK Approach

We support encryption using encryption keys generated and hosted in your AWS account via the AWS Key Management Service (KMS). This solution enables encryption of your data at different layers throughout the applications.

Usage and Examples of BYOK