Townsend and Cellar Door Join Hands to Secure Drupal API Keys

By CIOReview | Thursday, October 1, 2015

OLYMPIA, WA: Townsend Security, a provider of data privacy solutions announces a partnership with Cellar Door Media, a web solutions and services agency, to offer Lockr, a managed key service to Drupal users.

Lockr allows Drupal users to protect API keys such as PayPal, MailChimp, FedEx and Amazon S3. It also secures encryption keys to meet security best practices.

The company claims that the service can be easily scaled based on a website’s size and needs. To meet compliance requirements such as PCI DSS, HIPAA, and FISMA the company will also offer a dedicated instance of Townsend Security’s FIPS 140-2 compliant Alliance Key Manager.

Drupal developers who need to protect sensitive data know that storing their encryption keys within the content management system (CMS) puts their data at risk for a breach. The Key Connection for Drupal helps administrators secure their encryption keys by storing them remotely and only using them when the encryption/decryption happens.

Users who are currently encrypting sensitive data are storing the encryption key locally in either a file protected on the server, in the database, or in Drupal’s settings file.  None of these methods meet data security best practices or compliance regulations. Key Connection for Drupal keeps the encryption keys on a separate server from the data they protect, allowing administrators to line up with compliance and security best practices.

“Townsend Security has a long running relationship with Cellar Door Media and we are excited to back Lockr with our technology, key management as a service is something that the Drupal community has been asking for, and we are delighted to help provide it,” says Luke Probasco, Drupal General Manager, Townsend Security.