Protect Your

Data Power.

Sovereignty means safeguarding your data like a treasure.​

Anyone who wants to protect data must not only look at the storage location. It is also important who controls the key for decryption. This is exactly where the difference lies. We encrypt your data with a Customer Managed Key (CMK). We manage this key in a FIPS Level 3 validated Key Vault that is controlled exclusively by us. This keeps control of the key separate from the actual data.

This is relevant to you for a simple reason: a cloud provider can legally only access what it actually has access to. If the key is stored in a separately managed key vault with access restrictions, this fundamentally changes the situation. The point is therefore not that a cloud infrastructure is beyond all technical risks, but that access to the key is legally and organizationally separated. This is precisely what strengthens protection against external access.

This topic therefore goes beyond mere data protection. The separation of data management and key control creates a higher level of compliance. It ensures clear responsibilities and a security architecture that has long been standard in regulated environments. In addition, there is auditability: access and key usage can be logged and traced.

For your procurement, this means: your data is not only stored in a clearly defined environment. It is additionally protected with a key whose access is beyond the reach of the hyperscaler. In this way, we create a security architecture that effectively safeguards your data and further increases your sovereignty in handling sensitive procurement information.

Keep control of your procurement data

  • We encrypt your data with a dedicated Customer Managed Key (CMK) and manage it in a FIPS Security Level 3 validated key vault (Key Vault).
  • Neither the cloud infrastructure provider nor US authorities have access to the key.
  • Maximum compliance through the consistent separation of data processing and key control. And full auditability, as every use of the key is traceably logged.
Speak with an expert
To the overview

FAQ

What is a Customer Managed Key?

A Customer Managed Key is an encryption key that is not specified by the hyperscaler, but is created, managed and controlled by the customer themselves.

What is a Key Vault?

A Key Vault is a protected key store in the cloud. Cryptographic keys are managed centrally there. Access can be specifically controlled, secured and logged. Azure Key Vault is designed precisely for this purpose.

What is FIPS Level 3?

FIPS Security Level 3 is an internationally established security standard for Hardware Security Modules (HSM). It stands for particularly high requirements for tamper protection and secure key management – especially in regulated industries such as finance, healthcare and the public sector.

Our e-procurement experts present you
Onventis Source-to-Pay.

Make an appointment
Privacy
When you visit our website, information from certain services may be stored via your browser, usually in the form of cookies. Here you can change your privacy settings. Please note that blocking some types of cookies may affect your experience on our website and the services we offer.
Privacy Policy
I have read and accepted the data protection declaration.
Required
Tracking
This website uses functions of the web analysis service Google Analytics.
YouTube
This website uses the YouTube service to provide streaming video content.
Google Maps
Diese Website verwendet den Google Maps-Dienst, mit dem interaktive Karten angezeigt werden können.