Our Key-as-a-Service (KaaS) Platform

A modern approach to security that enables everyone who enjoys the creativity and openness of the Internet to continue to do business securely with the same ease and flexibility they expect.

Our Key-as-a-Service provides a framework for protecting content wherever it resides, it supports policy driven access, and allows for full access remediation. KaaS combines the elements of Security, Privacy, and Accessibility to build confidence that all data can be moved and shared without losing control of it. 

The proliferation of privacy regulations, connected devices, connected software, cloud resident data, and individuals needing secure data access anywhere, means many organisations do not want or have the resources to manage keys, or process associated governance and compliance requirements.

A secure object combines three elements of security; Identity, Policy and Key Management.  This maps to the CIA three pillars of security: Confidentiality, Integrity and Availability.

A key is distributed to one or more authorized identities via policy based controls. Each identity’s rights and privileges to a key are managed by the data owner. Authorized identities, key management and access control policies can all be controlled at the document level for truly  granular controls.

  1. Identity defines who the user is (or device in IOT landscape) and authentication is used to verify this information.
  2. Policy defines when and how an identity can access the data. Once you prove your identity the policy controls how you can interact with that data.
  3. Key Management/Encryption locks the data until a policy defines an identity can access data. 
Key as a Service Geofencing

KaaS helps organizations address increasingly stringent requirements for data sovereignty in a manageable way, by shifting the focus from trying to control where data is, to controlling where the keys that protect the data reside.

Access to a key is only granted after validating the location of the corresponding data. If access is requested within the data sovereign jurisdiction, then the policy permits the release of the key.


Cocoon Data’s Key as a Service platform can also be deployed though partnerships to address specific industries such as Health, Mining and critical infrastructure.

We welcome the opportunity to explore your specific industry needs.