Krypton: Business Story For Platform Mesh Demo #80

@isanmaz

Description

Scenario: Secure Key Management for a Multi-Tenant company on Platform Mesh.

Persona: Platform Mesh security admin, not normal end-users.

Story: For compliance reasons, Company X has deployed an HSM to own their data keys. The platform administrator tasks the security administrator with wiring the Production Department to use these root data keys.

The Production Department uses MongoDB as their database service. To meet strict security and compliance requirements, the security administrator needs a solution that allows configuring key chains for each system, with every key managed according to the NIST standard. Krypton provides this flexibility, enabling key hierarchies for maximum security and lifecycle policies for MongoDB and other services.

What value Krypton brings to Platform Mesh account holders:

Because Krypton speaks KMIP natively, a protocol supported by major vendors and open-source projects, the integration is seamless, secure, and future-proof. Whenever MongoDB needs to encrypt or decrypt data, it requests the right key from Krypton, with no custom code or adapters.

Key Chain concept: The administrator creates a key chain for the Production Department. A key chain provides layered, tenant-specific isolation and control, making key management more secure, auditable, and compliant.

They can declare that when the key is “Active,” it can encrypt and decrypt data, but when it is “Suspended,” it can only decrypt data for audits, not encrypt new data.

By following NIST standards, the administrator ensures that every key’s lifecycle is strictly managed—keys start in PreActivation, become Active when needed, can be Suspended or Deactivated in response to incidents, and are Destroyed when no longer required. All these configurations are possible in Krypton, giving the administrator full control and compliance.

The administrator can monitor key usage, rotate keys for compliance, or suspend and destroy keys if there’s a security incident. If the Production Department ever needs to “crypto shred” their data for compliance, the admin deletes the relevant data key in Krypton. Instantly, all encrypted data in MongoDB becomes unreadable, even though it still exists in storage.

As security admin of a customer on Platform Mesh I can manage each key’s lifecycle according to NIST standards:
New keys start in PreActivation.
When a service goes live, I activate the keys.
If a security incident occurs, I can suspend or deactivate keys—no new encryption, but old data can still be decrypted for investigation.
Compromised keys are flagged and restricted.
When a tenant leaves, I destroy their keys, ensuring data privacy and compliance.
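As an added illustration of the lifecycle policy described above (this is not code from Krypton or Platform Mesh), the Python sketch below models the NIST key states, the operations each state permits, and crypto-shredding on destroy. The transition table is an assumption modelled on NIST SP 800-57, not Krypton's actual rules.

```python
from enum import Enum
import secrets

class KeyState(Enum):
    PRE_ACTIVATION = "PreActivation"
    ACTIVE = "Active"
    SUSPENDED = "Suspended"
    DEACTIVATED = "Deactivated"
    COMPROMISED = "Compromised"
    DESTROYED = "Destroyed"

# Operations permitted per state: Active encrypts and decrypts; Suspended,
# Deactivated and Compromised decrypt only (audit/investigation); others nothing.
ALLOWED_OPS = {
    KeyState.PRE_ACTIVATION: frozenset(),
    KeyState.ACTIVE: frozenset({"encrypt", "decrypt"}),
    KeyState.SUSPENDED: frozenset({"decrypt"}),
    KeyState.DEACTIVATED: frozenset({"decrypt"}),
    KeyState.COMPROMISED: frozenset({"decrypt"}),
    KeyState.DESTROYED: frozenset(),
}

# Assumed transition table (NIST SP 800-57 style): Destroyed is terminal and
# only a suspension may return a key to Active.
TRANSITIONS = {
    KeyState.PRE_ACTIVATION: {KeyState.ACTIVE, KeyState.DESTROYED},
    KeyState.ACTIVE: {KeyState.SUSPENDED, KeyState.DEACTIVATED, KeyState.COMPROMISED},
    KeyState.SUSPENDED: {KeyState.ACTIVE, KeyState.DEACTIVATED, KeyState.COMPROMISED},
    KeyState.DEACTIVATED: {KeyState.COMPROMISED, KeyState.DESTROYED},
    KeyState.COMPROMISED: {KeyState.DESTROYED},
    KeyState.DESTROYED: set(),
}

class ManagedKey:
    # One data key in a tenant's key chain, with lifecycle state and audit trail.
    def __init__(self, key_id):
        self.key_id = key_id
        self.state = KeyState.PRE_ACTIVATION
        self.material = secrets.token_bytes(32)  # stand-in for HSM-held material
        self.audit = []                           # (event, detail) tuples for monitoring

    def transition(self, new_state):
        if new_state not in TRANSITIONS[self.state]:
            raise ValueError(f"{self.state.value} -> {new_state.value} is not a legal transition")
        self.audit.append(("transition", f"{self.state.value}->{new_state.value}"))
        self.state = new_state
        if new_state is KeyState.DESTROYED:
            self.material = None  # crypto-shred: material gone, ciphertext stays unreadable

    def authorize(self, op):
        # Policy check a key-use request passes before any key material is touched.
        allowed = op in ALLOWED_OPS[self.state] and self.material is not None
        self.audit.append(("allow" if allowed else "deny", f"{op} while {self.state.value}"))
        return allowed
```

Every deny entry in the audit list is a candidate alert: an encrypt request against a Suspended or Compromised key indicates a service that has not picked up the incident response.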

Metadata

Status

Closed [Not Needed]