Cloud encryption key management service provider KeyNexus, a division of Dark Matter Labs (DML), is getting set to launch what it says is an ultra-secure cloud encryption key management service for Amazon Web Services (AWS) EBS storage partitions (AWS EC2). KeyNexus says its approach is disruptive, and it involves separating the "lock" from the "key," while at the same time promoting encryption interoperability across the public cloud. That means companies can store, manage and audit their encryption keys separately from the cloud. Here are the details.

KeyNexus Founder and CEO, Jeff MacMillan, will debut the product during a panel at CloudBeat 2013 Conference in San Francisco this week. KeyNexus relies on appliances developed by Dark Matter Labs, also founded and led by MacMillan, that perform data encryption to protect data assets stored in databases, file systems and back-ups. KeyNexus uses these appliances to power key management for the cloud. The company says that this approach offers better security than systems that store encryption keys and data on the same cloud, or enterprises that store keys in a less secure location on-site.

The company said the KeyNexus’ AWS solution offers the following key features:

MacMillan said in his prepared remarks that there are partial solutions for cloud security management available today, however, many are cost-prohibitive and require a cloud vendor to manage all keys.

"If enterprises don’t store and manage encryption keys in a location that is separate from the data, it’s essentially like leaving a house locked, but with the keys in the door," he said. "This approach leaves data vulnerable and users without control or visibility into the key management process."

The company said its cloud encryption key management service will be available in late September 2013. Interested parties, though, can receive a notification of the general availability of KeyNexus AWS offering by registering through the company's website.