
Bring Your Own Key(s) (BYOK): What, why and how to get started in Sherpany

This article describes the details of BYOK with the Sherpany application and the required way of configuring BYOK. Here you will learn:

  • How Sherpany uses encryption keys
  • What Bring Your Own Key (BYOK) is
  • Which migrations from Sherpany managing keys to BYOK, or from BYOK to Sherpany managing keys, are supported
  • What the required setup for BYOK is
  • Whether Sherpany supports different ways of configuring BYOK
  • Whether there is another way of removing encryption keys from Sherpany

How is Sherpany using encryption keys

The Sherpany application uses encryption keys to encrypt and decrypt all documents uploaded to the application. This is an additional security measure to ensure that no one can access document content without also having access to the encryption keys.

What is Bring Your Own Key (BYOK)?

Sherpany manages the keys to the documents on Sherpany in HashiCorp Vault. With Bring Your Own Key, the key management for the files is under the customer's control and is not managed by Sherpany.

BYOK can bring several challenges:

  • The BYOK vault is down, so documents cannot be displayed in Sherpany because they cannot be decrypted
  • Added complexity, as the infrastructure is managed by multiple organisations
  • Problems with the network connection, so the Sherpany app cannot get the keys to decrypt documents
  • The customer loses all keys because of a missing backup, so the documents in Sherpany can no longer be decrypted

With BYOK, the customer is responsible for ensuring that, whenever needed, Sherpany can create, retrieve and store the encryption keys required for document handling in the Sherpany application.

Important  

There will always be a moment when the keys are on our servers. They are held in RAM for some milliseconds.

App servers will be requesting keys from the customer's Vault.

Which migrations from Sherpany managing keys to BYOK or from BYOK to Sherpany managing keys are supported?

Sherpany supports migration in both directions. It is possible to start using Sherpany without BYOK and implement it later. It is also possible to do it the other way around: start using Sherpany with BYOK, later stop using it and have all the data in our data center.

What is the required setup for BYOK?

The easiest and most common way is that the customer sets up their own AWS KMS fully under their control.

Sherpany will require access to the customer's AWS KMS in order to create Data Encryption Keys.

The Key Management solution resource is configured in Sherpany on the room level, so separate Key Management solutions can be used per room if needed.
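
As an added example (not Sherpany's code or documented policy), the following Python check audits a customer-side AWS KMS key policy to confirm that any principal outside the customer's own account can do no more than create and unwrap data keys. The permitted action list, the account IDs and the role name are assumptions; the article does not specify them. Only Allow statements with Principal and Action elements are evaluated.

```python
import json

# Assumption: actions a BYOK integration needs to create and later unwrap
# data encryption keys. The article does not list the exact permissions.
ALLOWED = {"kms:generatedatakey", "kms:decrypt", "kms:describekey"}

# Constructed sample key policy; account IDs and role name are placeholders.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "CustomerAdmin", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111111111111:root"},
         "Action": "kms:*", "Resource": "*"},
        {"Sid": "VendorDataKeys", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::222222222222:role/vendor-app"},
         "Action": ["kms:GenerateDataKey", "kms:Decrypt",
                    "kms:ScheduleKeyDeletion"],
         "Resource": "*"},
    ],
})

def as_list(value):
    """IAM policy elements may be a single value or a list."""
    return value if isinstance(value, list) else [value]

def audit_key_policy(policy_json, owner_account):
    """Return findings for Allow statements that give principals outside
    owner_account anything beyond the ALLOWED data-key actions."""
    findings = []
    for stmt in as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        external = [a for a in arns if owner_account not in a]
        if not external:
            continue  # statement only covers the key owner's own account
        sid = stmt.get("Sid", "<no Sid>")
        if "*" in external:
            findings.append(f"{sid}: wildcard principal")
        for action in as_list(stmt.get("Action", [])):
            # IAM action names are case-insensitive; wildcards never match.
            if action.lower() not in ALLOWED:
                findings.append(f"{sid}: external principal granted {action}")
    return findings

if __name__ == "__main__":
    print(audit_key_policy(SAMPLE_POLICY, "111111111111"))
```

Running it against the constructed policy flags the key-deletion permission granted to the external role, which is the kind of grant that would let a party other than the customer cause the key-loss scenario listed among the BYOK challenges.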

Does Sherpany support different ways of configuring BYOK?

Yes, we are also open to supporting configuration with HashiCorp Vault or Azure Key Vault. If you prefer another solution, we are always happy to hear your requirements and limitations and to work with you on a custom solution that works for both you and Sherpany.

Is there another way of removing encryption keys from Sherpany?

Sherpany provides a way of removing all encryption keys for a whole organisation through the Admin Portal (management console).

Information  

Deleting the keys will trigger the deletion of all documents associated with the deleted keys. As documents are decrypted on the server, all documents will be available on native applications (iOS, Android, Windows) until the next sync or app deletion.
