Encryption & Key Management for Drupal

Key Connection for Drupal Module

Secure Sensitive Data in Drupal


Drupal developers who need to protect sensitive data know that storing their encryption keys within the content management system (CMS) puts their data at risk for a breach.  With Key Connection for Drupal, administrators are now able to keep their encryption keys secure by storing them remotely and only using them when the encryption/decryption happens.


Drupal Encryption and Key ManagementYour Users Expect Their Data Is Protected
Data breaches are not a matter of if, but when.  When it comes to protecting sensitive information and meeting security compliance regulations, we don’t believe anything should get in the way of offering your users the best data security tools available.


Protect Private API Keys
Proper key management is essential to securing critical API connections.  Private API keys are used very widely within Drupal by services like Amazon AWS, Authorize.net, PayPal, and MailChimp and stored in the clear.  If your site gets hacked, so does access to the services that you have integrated into your site.  

Solving the Drupal Encryption Problem
Within the Drupal CMS there is no secure method for managing your encryption keys without expensive, custom solutions.  Users who are currently encrypting sensitive data are storing the encryption key locally in either a file protected on the server, in the database, or in Drupal’s settings file.  None of these methods meet data security best practices or compliance regulations such as PCI DSS, HIPAA/HITECH, state privacy laws, etc.


Who Needs Encryption and Key Management?
Today almost every business must adhere to data security regulations set forth by industry standards groups.  Anyone who is using Drupal to collect and store sensitive data (personally identifiable information, work/school applications, e-commerce checkout process, etc.) needs to make sure this data is held safely.  Key Connection for Drupal keeps the encryption keys on a separate server from the data they protect, allowing administrators to line up with compliance and security best practices.


Encryption and Key Management Simplified
Complexity is usually the largest concern in integrating encryption services into any environment such as Drupal.  The Key Connection module provides a simple configuration UI to get connected quickly and effortlessly.  By installing the Key Connection module into Drupal, administrators can easily encrypt sensitive data and manage the encryption keys with a FIPS 140-2 compliant encryption key manager.


NIST Compliant Encryption
In addition to retrieving keys, the Key Connection module creates a NIST compliant encryption option by using on-board encryption on the Alliance Key Manager.  For organizations that need to meet compliance requirements, NIST compliant AES encryption and key management means you are provably meeting industry standards and best practices.


An Affordable Encryption Key Manager
With subscription and perpetual licensed options for the Alliance Key Manager server, we have an encryption key management solution to fit your budget.  Additionally, Alliance Key Manager is offered as physical hardware security module (HSM) in your data center, as a cloud HSM, or as a virtual appliance in the cloud.


Module Integration
Townsend Security recognizes the strength of community standards, which is why the Key Connection module is built upon Drupal’s Encrypt API. As an extension to this API, the Key Connection module provides Encrypt (and any other module in Drupal) with a universal ability to securely retrieve and use remote encryption keys.


Additionally, Townsend Security is helping the community by helping sponsor a suite of modules that integrate with Key Connection and include: KeyEncrypt UserEncrypt Form APIEncrypted FilesField EncryptionEncrypt Password, and Webform Encrypt.


Encryption and Key Management in Drupal


Townsend Security has partnered with Cellar Door Media as the premier provider of encryption key management integration within Drupal. For more information on how they can help integrate encryption and key management into your next project, contact either Townsend Security or Cellar Door Media.






Key Sizes

128-bit AES symmetric keys

192-bit AES symmetric keys

256-bit AES symmetric keys


TLS authenticated secure communications

Secure web application for server management