Hyperclouds offer fully managed services that generate and manage cryptographic encryption keys. These keys can be used to encrypt data ingested and stored on other cloud services, or be called upon to encrypt data stored at the application level. The physical security, hardware maintenance, and availability of the keys are managed as a service, leaving the users to focus on how the keys are consumed and ensuring their data is properly protected. AWS offers Key Management Service (KMS), Azure Key Vault, and GCP Key Management Service.

The keys are generated following the Advanced Encryption Standards 256 bit (AES-256) specification established by the United States National Institute of Standards and Technology (US NIST). They meet advanced standards such as the Federal Information Processing Standards Publication 140-2 (FIPS 140-2), allowing sensitive information that requires high levels of encryption security to be encrypted by these cloud native services. The use of these services is key to achieving scalable, compliant architectures in the cloud, which we will cover later in the chapter.