# Key management Effective **Key Management** is essential for ensuring the security and integrity of your data within FenixPyre. FenixPyre utilizes a hierarchical encryption approach where files are encrypted using unique **Encryption Keys**, and these encryption keys are subsequently encrypted with **Master Encryption Keys**. The encrypted encryption keys are securely stored in the database, adding an extra layer of protection and simplifying key lifecycle management. #### How It Works 1. **File Encryption:** * When you upload a file to FenixPyre, it is encrypted using a unique **Encryption Key**. This ensures that each file has its own distinct layer of security. 2. **Encryption Key Protection:** * Each **Encryption Key** is encrypted using a **Master Encryption Key**. This means that even if an encryption key is compromised, the master key adds an additional layer of security, safeguarding your data against unauthorized access. 3. **Secure Storage:** * The encrypted encryption keys are stored in the database, ensuring they are protected and accessible only through authorized processes and personnel. #### Key Components 1. **Master Encryption Keys** * **Function:** Serve as the primary keys that encrypt and protect subordinate encryption keys. * **Storage:** Stored securely using Hardware Security Modules (HSMs) or integrated with cloud-based key management services such as Azure HSM and Google Cloud HSM. 2. **Encryption Keys** * **Function:** Used to encrypt and decrypt individual files within FenixPyre. * **Protection:** Each encryption key is encrypted with a master encryption key before being stored in the database. 3. **Hardware Security Modules (HSMs)** * **Function:** Provide a tamper-resistant environment for storing and managing cryptographic keys. * **Integration:** FenixPyre integrates with leading HSM providers like Azure HSM and Google Cloud HSM to ensure keys are stored securely and operations are performed within a protected hardware environment. #### Importance of Key Management * **Data Security:** Ensures that both your files and the keys that encrypt them are protected against unauthorized access and breaches. * **Compliance:** Helps your organization adhere to regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS) by maintaining robust key management practices. * **Operational Efficiency:** Streamlines the encryption process, reducing the complexity and overhead associated with managing multiple keys. #### Key Management in FenixPyre FenixPyre offers a comprehensive key management solution that integrates seamlessly with leading Key Management Services (KMS) and Hardware Security Modules (HSMs). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fenixpyre.com/fenixpyre-for-admins/admin-dashboard/key-management.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.