Skip to main content
According to Pure Storage documentation: Pure Storage, with a continuous emphasis on simplicity, has implemented rigorous security measures, including AES-256-bit encryption, data erasure, rapid data locking technologies, key management, and a robust encrypt/decrypt process. These features meet or exceed internationally recognized security standards such as FIPS 140-2, NIAP/ Common Criteria, and PCI-DSS. Coupled with comprehensive organizational security measures, FlashArray can help customers meet security requirements and data compliance regulations around the world – including the recently updated GDPR. We have achieved this without compromising product serviceability, performance, or our industry-leading data reduction capabilities.

What is KMIP?

The Key Management Interoperability Protocol (KMIP) is an extensible communication protocol that defines message formats for manipulating cryptographic keys on a key management server. This facilitates data encryption by simplifying encryption key management. You can create keys on a server and then retrieve them, possibly wrapped by other keys. KMIP supports both symmetric and asymmetric keys, including the ability to sign certificates. KMIP also enables clients to ask a server to encrypt or decrypt data without needing direct access to the key.

Integration purpose

The Pure Storage Rapid Data Locking (RDL) feature enables a FlashArray device to create a secondary user-controllable key on a KMIP server, such as the KMES Series 3, by using the KMIP protocol. You can use the key you create on the KMES Series 3 subsequently to unlock the array flash modules. This makes it possible to quickly and completely lock down an array simply by revoking the remote key and powering off the FlashArray.