Entrust KeyControl redefines cryptographic key and secrets management by combining key lifecycle management and a decentralized vault-based architecture with a comprehensive central policy and compliance management capabilities for a wide range of use cases. The Entrust KeyControl Compliance Manager policy engine provides fine-grained control of your cryptographic keys and secrets, offering full visibility, traceability, compliance tracking, and an immutable audit trail. This can help make it possible for your organization to stay in compliance with laws and regulations around the world that govern data privacy, security, and sovereignty. Multiple KeyControl Compliance Managers can easily be configured to isolate regions or organizational locations as needed. The KeyControl platform also offers a new distributed vault architecture supporting the creation of fully isolated vaults that can help your organization meet your compliance obligations related to geographical data residency and data sovereignty mandates for cryptographic assets, while reducing attack surfaces and providing flexible arrangements for disaster recovery (DR) and contingency planning. There are KeyControl Vaults for: • KMIP • Databases • Secrets Management • SSH Key Management • Privileged Account and Session Management (PASM) • Tokenization • VM Encryption • Cloud Key Management (BYOK) • Cloud Key Management (HYOK)