Thales – Identity Access Management (IAM), Authentication & HSMs

About Thales

In 2019 Gemalto was acquired by Thales making them a world leader in digital security.

Today’s enterprises depend on the cloud, data and software to keep pace with the cost of doing business in a world that is rapidly digitally transforming. However, they are concerned about business-critical and sensitive data being stolen by adversaries such as competitors or cybercriminals. In spite of all their investments in perimeter and endpoint security data breaches continue to occur on a weekly basis. When all else fails, data security has become the last line of defence.

That’s why the most respected brands and largest organisations in the world rely on our partner Thales to help them protect and secure access to their most sensitive data at rest in on-premises data centres and in public/private clouds, and data-in-motion across wide-area networks.

At Net-Ctrl we work with Thales to help enable organisations to migrate to the cloud securely, achieve compliance with confidence, and create more value from their software in devices and services used by millions of consumers every day.

Thales is the worldwide leader in data protection solutions, providing everything an organisation needs to protect and manage its data, identities and intellectual property with comprehensive data discovery and Thales positioning classification, data encryption, tokenisation, advanced key management, authentication and access management.

Whether it’s securing the cloud, digital payments, blockchain or the Internet of Things, security professionals around the globe rely on Net-Ctrl and Thales to confidently accelerate an organisation’s digital transformation.

Safeguarding High-Value Data

Thales’s data-centric security solutions have enabled our customers to adapt to the escalating internal and external threats to their high-value data, and rapidly evolve to address new business requirements and compliance mandates. Our products deliver persistent protection of sensitive data throughout the information lifecycle by:

  • Protecting identities of users and applications
  • Securing transactions of critical, high-performance digital processes
  • Encrypting data as it is created accessed, shared, stored, and moved
  • Protecting the encryption keys enterprises rely on to ensure encrypted data remains secure
  • Enabling cloud-based infrastructures through protection and control of data in virtual environments

The Thales security portfolio is extensive. Net-Ctrl has specialised in a few key areas Identity Access Management, Authentication and Hardware Safety Module solutions.


SafeNet Trusted Access

Offer trusted access and Smart Single Sign-On to all your apps with SafeNet Trusted Access, identity-as-a-service.

Building on its award-winning multi-factor authentication service, Gemalto now offers SafeNet Trusted Access, an intuitive access management service that makes it easy to manage cloud and web access with single sign-on and scenario-based access policies.

Enterprises looking to scale the deployment of cloud and web apps across the organisation encounter hurdles to efficiently managing online identities and access security, while ensuring user convenience and regulatory compliance.

SafeNet Trusted Access has emerged to streamline cloud identity management, eliminate password hassles for IT and users, provide a single pane view of access events across your app estate and ensure that the right user has access to the right application at the right level of trust.

SafeNet Trusted Access – Identity-as-a-Service

SafeNet Trusted Access is a cloud-based access management service that combines the convenience of cloud and web single sign-on (SSO) with granular access security. By validating identities, enforcing access policies and applying Smart Single Sign-On, organisations can ensure secure, convenient access to numerous cloud applications from one easy-to-navigate console.

SafeNet Trusted Access benefits:

  • Fast and easy cloud access through Smart Single Sign-On
  • A single pane of glass for centralized user access control
  • Optimized security through fine-grained access policies
  • Visibility into all access events for simplified compliance
  • Secure access for partners and contractors
  • Identity-as-a-service efficiencies

SafeNet Trusted Access from Thales


It’s Not Just Data Protection. It’s Data Protection On Demand.

The award winning Thales Data Protection On Demand is a cloud-based platform providing a wide range of cloud HSM and key management services through a simple online marketplace. Security is now simpler, more cost effective and easier to manage because there is no hardware to buy, deploy and maintain. Just click and deploy the services you need, provision users, add devices and get usage reporting in minutes.

With an ever-growing menu of cloud based security applications at your fingertips, including hundreds that work with the industry standard PKCS11 interface, select the security service you require from an expanding range of options and integrations including:

HSM On Demand

Cloud-based HSM services enable customers to protect critical cryptographic keys and to accelerate sensitive cryptographic operations across a wide range of security applications.

Key Management On Demand

Cloud-based services to generate, distribute, store, rotate, and revoke/destroy cryptographic keys as needed to protect the sensitive information with which they are associated.

Get data security on your terms – in minutes

Access to a Wide Range of Security Services. Simply Click and Deploy What you Need for Protection. Security as a Service (SECaaS) Offerings Within Minutes.

Zero upfront capital investment and pay-as-you go pricing

No Hardware or Software to Buy, Support, or Update. No Capital Expenditures. Flexibility to Purchase Services to Suit Changing Business Needs.

Easily integrate with your cloud and IT services

Preconfigured APIs Make it Easier to Integrate: Key Management, HSM on Demand Services.

Protect data anywhere and meet compliance mandates

Secure Sensitive Data in Any Environment – Cloud, Virtual or On-Premise. Protect the Data you Create, Store and Analyze. Crypto Enable Your Blockchain, Cloud, and Internet of Things (IoT) Applications.

Infinite scalability and elasticity

Scale HSM and Key Management Services Up and Down Automatically. Easily Grow HSM and Key Management Capacity and Crypto Resources Without Limitations.

Focus on your business, not managing hardware and software

No Need to Buy, Provision, Configure, and Maintain Hardware and Software. All Physical Hardware, Software, and Infrastructure is Managed by Gemalto, Including an SLA.

Thales Data Protection On Demand – How it Works

Thales Data Protection On Demand, the online marketplace for all of your data protection needs, is just a click away. The marketplace has a menu of security applications ranging from digital signing to key brokering. Just click and deploy the protection you need, provision services, add security policies and get usage reporting in minutes.


Hardware Security Modules (HSMs)

What is a Hardware Security Module?

A hardware security module (HSM) is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. Hardware security modules act as trust anchors that protect the cryptographic infrastructure of some of the most security-conscious organisations in the world by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device.

Why Use Hardware Security Modules?

Enterprises buy hardware security modules to protect transactions, identities, and applications, as HSMs excel at securing cryptographic keys and provisioning encryption, decryption, authentication, and digital signing services for a wide range of applications.

Thales Hardware Security Modules provide the highest level of security by always storing cryptographic keys in hardware. Thales HSMs provide a secure crypto foundation as the keys never leave the intrusion-resistant, tamper-evident, FIPS-validated appliance. Since all cryptographic operations occur within the HSM, strong access controls prevent unauthorized users from accessing sensitive cryptographic material. Additionally, Gemalto also implements operations that make the deployment of secure HSMs as easy as possible, and our HSMs are integrated with Thales Crypto Command Center for quick and easy crypto resource partitioning, reporting and monitoring.

Thales HSMs adhere to rigorous design requirements and must pass through stringent product verification testing, followed by real-world application testing to verify the security and integrity of every device.

Thales HSMs are cloud agnostic, and are the HSM of choice for Microsoft, AWS and IBM, providing a “rentable” hardware security module (HSM) service that dedicates a single-tenant appliance located in the cloud for customer cryptographic storage and processing needs.

With Thales Hardware Security Modules, You Can:

  • Address compliance requirements with solutions for Blockchain, GDPR, IoT, paper-to-digital initiatives, PCI DSS, digital signatures, DNSSEC, hardware key storage, transactional acceleration, certificate signing, code or document signing, bulk key generation, data encryption, and more.
  • Keys are generated, and always stored in the intrusion-resistant, tamper-evident, FIPS-validated appliance, providing the strongest levels of access controls.
  • Create partitions with a dedicated Security Office per partition, and segment through admin key separation.

HSM 101: What is a Hardware Security Module?

Predictive, Pre-Deployment, Post Installation and Health Check Wireless Surveys carried out by certified wireless engineers.

We look at Wi-Fi fundamentals, explore the benefits of and technology behind Wi-Fi 6, Wi-Fi 6E and what the future holds for Wi-Fi 7

Net-Ctrl provide network and structured cabling solutions as either a stand-alone installation, or to compliment products and solutions that we offer.

Connect-the-Classroom scheme  is allowing schools to upgrade their infrastructure to a solution that should last 10 years

Net-Ctrl provides two excellent support packages in addition to any equipment purchased. Find out about our Silver or Gold support package

IP-CCTV site survey to assess camera locations and requirement and existing Mobotix solution health checks.

Net-Ctrl offers our Cloud WLAN. Delivering market-leading patented technology managed by the Net-Ctrl engineering team.

We provide an automated Cybersecurity awareness training solution covering both simulated phishing and training courses.

Net-Ctrl offers a range of wireless network solutions. We explore some common questions related to these solutions.

Offering end-to-end, affordable and competitive financing solutions to help you achieve your business goals. 

Solution Portfolio

Find out about all our technology partners

Industries We Work With

Find out about all the industries we work in and how we may be able to help you

Latest News

Counter AI Attacks with AI Defense

While artificial intelligence (AI) technology has been around for a while, there is no arguing that it has become mainstream over the last year. Whenever new technology becomes mainstream, everyone looks for ways to use it to make their lives easier at home and work....

Generative AI Threats

ChatGPT safeguards can prevent misuse, but jailbreaking tools can give bad actors the upper hand in bypassing those safeguards to create more believable phishing emails. Key Points Large language model tools like ChatGPT can be used to generate convincing phishing...

Technical Support

Access our technical support hub to view our support packages and how to get help