The AWS re:Invent 2013 experience
A comprehensive collection of articles, videos and more, hand-picked by our editors
At a conference recently, I heard a speaker make a reference to cloud-based key management via a hardware security...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
module, or HSM. What is an HSM? How do I know whether I need one, given all the other cloud security options we use?
The short answer is, if you haven't heard much about HSMs, you probably don't need one for information security -- at least, not yet. You can find plenty of other easier and cheaper options to secure your data.
HSMs are dedicated hardware systems specifically designed to store and manage private and public keys, such as secure sockets layer, or SSL, certificates. Among the best-known HSM offerings is Amazon Web Services CloudHSM, which works inside the AWS cloud. AWS describes CloudHSM as a service that "allows customers to securely generate, store and manage cryptographic keys used for data encryption in a way that keys are accessible only by the customer."
These systems are useful if you need to run digital rights management or a public key infrastructure. These systems can be used to provide high levels of security for products that require it, particularly to ensure regulatory compliance.
But that's much more security than you need for most typical projects. Unless you are working with such information as classified government data, confidential medical information or building-identity systems, you probably don't need an HSM.
Related Q&A from Chris Moyer
Get an overview of what a cloud-based system is and what would work best in your enterprise.continue reading
Looking for the best way to back up Amazon EBS? Expert Chris Moyer clarifies how incremental backups work.continue reading
Learn the best way to upload mock tests and which testing tools make the most sense for your enterprise.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.