Essential Guide

The AWS re:Invent 2013 experience

A comprehensive collection of articles, videos and more, hand-picked by our editors
Q

Do you need a hardware security module to protect your information?

Expert Chris Moyer explains how to decide whether your company needs a hardware security module, or HSM, to protect valuable corporate information.

FROM THE ESSENTIAL GUIDE:

The AWS re:Invent 2013 experience

+ Show More

At a conference recently, I heard a speaker make a reference to cloud-based key management via a hardware security module, or HSM. What is an HSM? How do I know whether I need one, given all the other cloud security options we use?

The short answer is, if you haven't heard much about HSMs, you probably don't need one for information security -- at least, not yet. You can find plenty of other easier and cheaper options to secure your data.

HSMs are dedicated hardware systems specifically designed to store and manage private and public keys, such as secure sockets layer, or SSL, certificates. Among the best-known HSM offerings is Amazon Web Services CloudHSM, which works inside the AWS cloud. AWS describes CloudHSM as a service that "allows customers to securely generate, store and manage cryptographic keys used for data encryption in a way that keys are accessible only by the customer."

These systems are useful if you need to run digital rights management or a public key infrastructure. These systems can be used to provide high levels of security for products that require it, particularly to ensure regulatory compliance.

But that's much more security than you need for most typical projects. Unless you are working with such information as classified government data, confidential medical information or building-identity systems, you probably don't need an HSM.

This was first published in October 2013

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Essential Guide

The AWS re:Invent 2013 experience

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudApplications

SearchSOA

TheServerSide

SearchSoftwareQuality

SearchCloudComputing

Close