| copyright | lastupdated | keywords | subcollection |
|---|---|---|---|
| | 2019-08-23 | hardware security modules, HSM, single-tenant encryption, key management, Gemalto SafeNet Luna, FIPS certified, cryptographic, keys | hardware-security-modules |
{:shortdesc: .shortdesc} {:external: target="_blank" .external} {:note .note}
{: #about_ibm_cloud_hsm}
The {{site.data.keyword.cloud}} HSM as a service offering provides dedicated, single-tenant encryption, key management, and storage using Hardware Security Modules (HSMs). An HSM is a physical device that safeguards and manages digital keys for strong authentication and provides crypto-processing.
{:shortdesc}
{{site.data.keyword.cloud_notm}} personnel manage and monitor the health of the HSM appliance and its operating environment, but they do not have access to where your keys are stored. This separation of duties for key and data management supports data security governance and regulatory alignment.
Based on Gemalto SafeNet Luna a750, {{site.data.keyword.cloud_notm}} HSM 7.0 is FIPS 140-2 Level 3 certified. With it, you can solve complex security, compliance, data sovereignty, and control challenges associated with migrating and running workloads on the cloud.
Based on Gemalto SafeNet Luna SA 7000, {{site.data.keyword.cloud_notm}} HSM 6.0 is FIPS 140-2 Level 2 certified for PKI, digital signatures, and cryptographic key storage.
Supported operating systems include AIX, Linux, Oracle Solaris, and Microsoft Windows.
{: note}
Benefits of the offering include:
- Improved compliance with data security governance and regulatory requirements and comprehensive control over encryption keys
- Management of the key lifecycle by the customer from creation to destruction
- Increased security from private network access
- Integration of applications or storage services through APIs
- Reduced IT costs by using the {{site.data.keyword.cloud_notm}} infrastructure to manage the hardware, physical security, and operating environment