Updated: Aug 31
All HSMs, whether on-premises or cloud based, should meet basic requirements, such as:
● Secure storage of cryptographic material
● Secure cryptographic execution (key generation, management etc.)
● Strong separation of duties
● Strong segregation of logical data and credentials especially for multi-tenant
● Certified physical and logical security mechanisms
● Mechanisms for event logging and audit reporting
● Secure APIs to access the HSM (PKCS#11, RESTful and others)
But, not all HSMs are created equal. They have different levels of functionality, security, ease of use, etc. – all of which can have a knock-on effect on your TCO.
Here are some of the features you may want to put high on your priority list:
Security: Certifications such as FIPS and Common Criteria are the easiest way to spot-check the security of a device. However, remember that although the certification means the hardware meets specific criteria, it doesn’t necessarily guarantee security.
Consider the reputation of the HSM vendor and its customers, and their focus on physical and logical security as well as certifications such as ISO27001 and SOC2.
Geographic Location: Compliance requirements may dictate where data can reside, and how that data can be shared, even within an organization.
Crypto Agility: Industry-standard algorithms are generally recommended over proprietary ones, but some use cases mandate the use of specific algorithms or algorithm families. Organizations such as NIST and ANSI, or industry boards like GSMA or ETSI, might specify certain algorithms/interfaces. Talk to your vendor about their support for future technologies such as quantum.
Random Number Generation (RNG): The use of certified random number generators can be a factor for compliance with certain regulations or requirements, so check that the vendor uses an approved or certified process.
Key Backup: Key material should only be backed up to an environment that offers the same security level as the HSM itself. The ability to manage remote backups or key material replication is also an important factor.
User Interface: Most of the HSM administration is done via command line, although “Crypto Management” interfaces are often also available to facilitate activities. This dictates a familiarity with HSMs that most organizations do not have, and even large organizations with onsite HSM teams to manage their existing appliances may not choose to expand their capacity when their requirements change.
Application Integration: Choose a vendor with multiple proven integrations that will serve you well into the future as your IT operations grow and compliance requirements change.
Automation: Beyond building the HSM infrastructure, look for a service that automates at least some of the processes needed for smooth deployment and ongoing management of the solution, such as deploying the clients, integrating the clients and managing ongoing updates.
Key migration: The ability to transfer existing keys into the new environment is important in maintaining continuity of service for your applications. Some HSMs can provide simple migration capabilities today.
Outside of these technical “must haves”, you might also find it beneficial to consider the application or use case that the HSM is to be used for. On-premises HSMs are more suited to high-volume transactional requirements, where the latency of cloud could constrict performance and response times. However, the majority of use cases for most businesses should be able to benefit from using cloud-based HSM services.
Licensed from the ThalesGroup