A hardware security module (HSM) is a physical computing device that protects and achieves strong authentication and cryptographic processing around the use of digital keys. Through an isolated, tamper-proof environment, these devices are built to create and secure cryptographic keys, protect critical cryptographic operations, and lastly enforce implemented policies over the use of these keys. HSMs can come in various forms: PCI e-cards, USB tokens, and network attached appliances are all common.
The Rise of Hardware Security Modules
Organizations have begun realizing the importance of HSMs. The global deployment rate of these devices has risen from 26% in 2012 to 41% in 2017 according to the 2018 Global Encryption Trends Ponemon Institute Research Report. With technology’s ever-changing environment, organizations must keep up to be successful. These changes can lead an organization down two paths. One may lead to growth and prosperity, but the other may lead to destruction and despair.
Data Privacy Regulations
Internet of Things
Organizations from all industries are being affected by their data management through encryption or key management. HSMs can offer organizations the ultimate security.
Securing Data using Hardware Security Modules
Hardware Security Modules boasts many impressive features and administrative functions.
Generate Encryption Keys
Crypto Operations Processing
Restrict Access only for those Authorized
Federal Information Processing Standard 140-2 Levels 3 or 4
For a key generation, an HSM uses a true entropy-driven, hardware-based Random Number Generator, usually built to compliance to level PTG.2 of the BSI Specifications AIS20 and AIS31, and as pertains to Hash_DRBG from the NIST SP 800-90A. Secure Private and Secret keys can only be generated by data returned by such DRBGs (Deterministic Random Bit Generator).
Whether the stages of lifecycle from creation, import, usage, rotation, destruction, and auditing, the HSM maintains protection over encryption keys to ensure data is never exposed. Once the keys are created and stored in the HSM, authorization will only be allowed through a series of key cards and passphrases to gain access, as most HSMs provide support for both multi-factor authentications, and can require access via the “4-eyes” principle.
Risks of Software-only Cryptography
For those that choose to bypass HSMs, software-only cryptography is the next option. However, those choosing software-only cryptography must understand the risks that come with this decision
The two types of attacks on Software-only Cryptography:
Logical Attacks –
mainly involving an attack on main memory or discs in servers to locate the crypto keys
Vulnerability during stage operations in server memory.
Core Data Dump
Accessible by Passphrase
Physical Attacks –
the removal and scanning of old hard drives or memory.
Technicians have forcibly removed and frozen hardware to locate cryptographic keys
How does an HSM protect against these two specific threat vectors? The protected secrets never exist outside the HSM, and inside the HSM only ever exist ‘in the clear’ during use, and while inside protected RAM (CPU cache memory, with code running in the cache memory also). Any data-at-rest on the device will be AES256 encrypted. And FIPS 140-2 Level 3 and higher HSMs will react to environmental changes such as temperature (higher or lower than normal), changes in the electrical feed (over- or under-voltage), and Level 4 HSMs extend this protection to the physical, and will erase themselves if the HSM hardware is damaged.
Security Compliance & Regulations
While organizations face many different drivers to encrypt data, fifty-five percent of organizations have said compliance with privacy and data security requirements is their top driver according to the 2018 Global Encryption Trends Ponemon Institute Research Report. Universally, countries are beginning to set a standard for privacy, for those organizations handling sensitive information. Those who wish to ignore these regulations and laws will be at the mercy to hefty fines.
Health Insurance Portability and Accountability Act (HIPAA)
Health Information Technology for Economic and Clinical Health (HITECH)
The Payment Card Industry Data Security Standard (PCI-DSS)
The Future of Hardware Security Modules
In today’s environment, organizations must adapt to the new digital world. By deploying HSMs, organizations will be laying out the foundation for enterprise encryption and key management. Your cryptographic keys and digital identity will have maximum security. Whether dealing with Public Key Infrastructure (PKI), Document Signing, Code Signing, Key Injection, or Database Encryption, HSMs will provide the utmost security with respect to cryptographic keys now, and in the future.
With cloud adoption soaring to whopping 96% in 2018 according to CIO, it’s no wonder that cloud security is a hot industry topic. In today’s dynamic world, many companies are accelerating their digital transformation by moving data and applications to the cloud; benefiting from scalability and reduced costs at the same time. With cloud becoming an integral part of any enterprise, the questions that many ask include:
How to ensure cloud data security?
Where and how to manage encryption keys in the cloud?
How to ensure your data is securely stored and protected in a multi-cloud environment?
How to ensure vendor independence in a multi-cloud environment?
Hardware Security Modules (HSMs) have been around for a long time and have over the years become synonymous with “security”. Many organizations that host their data and applications on-premise will use HSMs – physical security units that authenticate, generate and store cryptographic material to protect their most valuable assets. The HSM acts as the centralized Root of Trust providing the ultimate level of security that no software can offer. While this is a great option for on-premise scenarios, it becomes complicated if you’re in a multi-cloud environment.
Say you do decide to go with the Key Management Service (KMS) offered by your Cloud Service Provider (CSP), what happens if your environment is a combination of private, public, hybrid or multi-cloud? The important question to ask would be if your CSP’s KMS supports data and applications hosted outside of their own data environment. Every enterprise has a unique cloud environment and getting locked-in with one vendor in the name of data security is probably not the best option. What you want to be looking for is a solution that is CSP-agnostic meaning supportive of various cloud environments so you can make the most of the benefits and services offered by key providers like Google, Azure, and AWS.
Another consideration regarding your CSP’s KMS is the proximity of your valuable data assets and your encryption keys. Is it safer to keep your house key under the doormat or in a locked vault in a secure storage facility? At the end of the day, KMS is nothing more than software which undoubtedly lacks the stringent security protections of a dedicated unit like an HSM. As a best practice, it’s important to separate your encryption keys from your encrypted data assets to minimize the risk of a catastrophic data breach.
We are back at where we started. If HSM is the ultimate security solution, then wouldn’t it be ideal to be able to have access to HSM-level security for your cloud applications and workloads without taking on the expense and responsibility of managing your multi-cloud environment HSM? Today, solutions like HSM-as-a-Service or HSM-in-the-Cloud offer the best of both worlds combining the security of an HSM with a flexibility of a KMS. This might be the solution for you if you’re looking for:
Migration flexibility – no CSP and cloud lock-in
Reducing your capex
Innovate in the cloud – place your own firmware and custom code on the HSM
With the right strategy and solution, you can ensure your cloud security is treated like your on-premise security. Get in touch with Utimaco to learn more about CryptoServer Cloud and how you can secure your cloud data without limiting your agility and potential.