Break free from the restrictions of physical security hardware
Hardware Security Modules (HSMs) remain a common and useful part of a cryptographic environment, and many organizations still use HSMs as the root of trust for cryptographic keys. However, HSMs can be inflexible, difficult to use, and can cause a number of key management issues:
- HSMs are locked into the limitations of old protocols like PKCS#11 and proprietary integrations
- Data is moving to cloud, edge and hybrid environments, which make it hard to consume on-prem HSM keys where functionality like multi-tenancy is required
- HSMs are often limited in their key management lifecycle operations
Existing HSMs typically reside in the datacenter and are used for onsite applications
Modernize with SvKMS HSM Extension
StorMagic SvKMS encryption key management has been designed to support the PKCS#11 specification. This enables its HSM extension feature and means it can consolidate all of the various HSMs within an organization and provide a single management interface for the entire key lifecycle. Each HSM can continue to serve as the root of trust, while SvKMS takes the hassle and complexity out of day-to-day key management and administration.
The HSM extension feature allows SvKMS to serve as an abstraction in front of an HSM, where the master keys are still stored in the hardware, but provisioned out through the key manager which can then perform many key management lifecycle functions. A single, GUI-based platform delivers efficiency and cost savings.
Make the most of legacy HSMs already in your infrastructure and take advantage of their added security features such as root of trust, while enabling modern encryption workflows from cloud-based applications to distributed data stores across environments from the edge to the core.
A modern approach to HSMs - the HSM extension feature in SvKMS allows all HSMs to be managed centrally
Utimaco CryptoServer CP5
nCipher nShield Connect 5000+ and 6000+
Thales Luna 7.0