Database Encryption

Unbound Key Control (UKC) lets you protect, manage and control database encryption keys across your hybrid environment from a single pane of glass.

( let’s talk )

Is Managing and Controlling the Keys Your Biggest Challenge in Database Encryption?

Encryption key management is frequently one of the biggest stumbling blocks when it comes to database encryption. Good key management is essential, since access to encrypted data ultimately comes down to access to the key.

Unfortunately, efficiently managing crypto keys for encrypted databases isn’t so simple:

Protecting AND managing keys typically requires two products: an HSM and a key manager

Many HSMs vendors will only allow integration with their own key managers – causing vendor lock-in.
Housing data and applications in the cloud forces organizations to share control of encryption keys with the CSP

Hybrid cloud means several key management systems co-exist, causing fragmentation, security and sync issues

Highly Secure, Software-Defined Database Encryption Key Management

Unbound Database Encryption (based on UKC) is a software-only product that keeps the database encryption keys secured at all times by ensuring encryption keys are never in the clear. It includes all key management capabilities required throughout the key lifecycle, and includes a KMIP server that allows it to integrate with any existing key manager and is the only solution that allows full control of encryption keys in the cloud (CYOK). Now you can encrypt databases on any cloud, and ensure you’re the only one controlling your encryption keys. Unbound fully supports the requirements of hybrid environments by allowing highly secured and centrally controlled key management across all sites and platforms.

TDE Integration is available for Microsoft SQL Server, Oracle and IBM DB2 on all platforms and CSPs. UKC also transparently integrates with MSSQL Always Encrypted, allowing you to securely protect and manage master keys to the entire database or just certain columns.

All in One

Manage and protect your DB encryption keys in the same product – no integrations required, no vendor lock-in


Allows full control of encryption keys in the cloud (CYOK)

Hybrid Cloud Compatible

Centralized key management and control across distributed environments, including different CSPs and on-premise sites

Transparent Integration

Seamless integration with all popular DBs – protect keys at the DB or column level with a quick configuration update

Here's how it works:

1. The application server creates a query to the database

2. The database server uses a master decryption key that is strongly protected by Unbound Key Control

See it in Action

Learn how you can manage, control and protect your database encryption keys across your entire network.

  ( Request a Demo )

Related Articles


Get an in-depth explanation of how Unbound uses MPC, a mathematically proven method to secure keys on any device.

( Download )


Control Your Own Keys in the Cloud (CYOK) can ensure your sensitive assets remain secure even in the event of a breach.

( Watch )


Learn how Unbound Key Control, the first secure-as-hardware key management system can protect your crypto keys anywhere.

( Download )


Learn more about how two major banks are using Unbound to reinvent data reinvent data protection in the Digital Banking age.

( Watch )