# FAQs Frequently asked questions about CipherStash Full answers at https://cipherstash.com/faq ## Product Fundamentals Start here for a high-level understanding of what CipherStash does and how it fits into your stack. - What is encryption-in-use, and why does it matter? - How does CipherStash let us search over encrypted data? - Do we have to rewrite our entire application to use CipherStash? - Which languages and frameworks does CipherStash support? ## Architecture, Keys & Security Model How our ZeroKMS architecture, key management, and BYOK model work in practice. - What is ZeroKMS, and how is it different from a traditional KMS? - How does BYOK work with CipherStash? - Do keys ever leave our environment or get stored centrally by CipherStash? - Do we need HSMs or a dedicated key vault to use CipherStash? - How does CipherStash handle key rotation? - Does CipherStash use Homomorphic Encryption (HE)? ## Integration & Deployment How CipherStash fits alongside AWS KMS, Vault, and your existing application architecture. - How does CipherStash integrate with AWS KMS or Vault? - Do we still need AWS KMS or Vault if we adopt CipherStash? - Will we need to re-architect our system to adopt CipherStash? - How long does a typical integration take? - Can we use CipherStash with legacy applications? ## Performance & Scalability What to expect in terms of latency, throughput, and operational overhead. - What is the performance impact of using CipherStash? - Will encrypted search slow down our queries? - Can CipherStash handle high-scale, cloud-native deployments? - How much operational overhead does CipherStash add? ## Compliance, Governance & Risk How CipherStash helps you meet security mandates, audits, and internal policies. - How does CipherStash support our compliance initiatives? - Will CipherStash help with SOC2, HIPAA, ISO27001, GDPR, or similar compliance frameworks? - Does CipherStash help with internal audit and GRC demands? - Can CipherStash help us prepare for upcoming audits or regulatory changes? ## Pricing, ROI & Business Justification How to think about cost, value, and the business case for CipherStash. - How is CipherStash priced? - How do we justify CipherStash versus our existing KMS or Vault? - Will CipherStash increase our operational costs? ## Positioning vs Existing Tools Understanding how CipherStash fits next to KMS, Vault, and tokenization. - How is CipherStash different from AWS KMS, Secrets Manager, or Vault? - Does CipherStash replace tokenization systems and field-level encryption we built ourselves? - Do we need CipherStash if our current KMS/Vault setup works “well enough”? ## Adoption, Rollout & Next Steps What it looks like to start with CipherStash and expand over time. - How do most teams get started with CipherStash? - Which internal stakeholders typically need to be involved? - Do our developers need deep cryptography expertise to use CipherStash? - What are the next steps if we want to explore CipherStash?