Overview

In manufacturing environments, IT resources are typically limited and productivity is paramount. Ideal IT infrastructures must be easy to use and feature rich, including a data security component to reduce the risk of data theft or loss.
A large vehicle electronic equipment manufacturer in EMEA recently approached StorMagic for help securing their data.They needed to store and manage encryption keys delivered by car manufacturers which are then embedded in vehicle ECUs (engine control units) to match them to specific chassis. Before, they would carry them on memory sticks – which was non-compliant with their clients’ policies. They found that StorMagic SvKMS encryption key management not only met their requirement for FIPS 140-2 level 3 compliance, it could also support the manufacturer’s future needs for Pretty Good Privacy (PGP) keys, certificates and more.
The customer deployed StorMagic SvKMS integrated with a Utimaco HSM, which is the ‘root of trust’ delivering the customer’s required FIPS level. Despite the need to use a HSM, the client really liked the ease of managing keys through the SvKMS key management solution, as well as its flexibility to provide features and integrations. They found that SvKMS could be tailored to very manufacturing-specific workflows that no other company offered.

The encryption keys are used in car ECUs (engine control units) that the company builds for car manufacturers. They lock a specific ECU to a specific car chassis as well as allow access into the ECU for software development work. Since deployment, StorMagic has demonstrated that it can handle way more than simple database encryption — which could be disruptive in the manufacturing industry, where larger brands have before been adopted as standard. The customer is so satisfied with this initial deployment, they plan to add additional key management implementations when more workflows are moved to SvKMS.