The need to control keys is more pressing than ever with the adoption of Cloud services. Hardware Security Modules (HSM) sit at the heart of this, but they can be expensive pieces of physical infrastructure that need to be run in a data centre. Thales Data Protection on Demand is a cloud-based platform providing a wide range of cloud HSM and key management services through a simple online marketplace. Security is now simpler, more cost-effective and easier to manage because there is no hardware to buy, deploy and maintain. Just click and deploy the services you need, provision users, add devices and get usage reporting in minutes.
Primary use cases for deploying hsm services from thales
Luna Cloud HSM services enable customers to store and manage cryptographic keys, establishing a common root of trust across all applications and services, whilst retaining complete control of their keys at all times. HSMs are also used to perform cryptographic operations such as encryption/ decryption of data encryption keys, protection of secrets (passwords, SSH keys, etc.), and more, across environments.
Luna Cloud HSM
Set up and access a Luna Cloud HSM service for your organisation’s cryptographic operations.
Secure CyberArk Privileged Access Security Solution’s top level encryption key within an HSM.
Digitally sign the author of software and firmware packages or electronic documents to ensure the integrity of the sender.
Bring trust to blockchain transactions to perform the required cryptographic operations across distributed systems.
Generate and protect the private keys associated with your Java Code Signer application in an HSM.
Secure the keys of your Microsoft Root Certificate Authority (CA) in an HSM.
Generate and secure your Microsoft Authenticode certificates on an HSM.
Microsoft SQL Server
Off-load Microsoft SQL Server cryptographic operations to an HSM.
Ensure that Oracle TDE encryption keys are protected by a master key that resides within the HSM.
PKI Private Key Protection
Secure private keys belonging to Certificate Authorities responsible for establishing PKI trust hierarchy.
Luna Cloud HSM with Key Export
Set up and access a Luna Cloud HSM with private key export, for your organisation’s cryptographic operations.
Luna HSM Backup
Backup and restore for your organisation’s on-premises Luna HSMs.
Key Broker Services
CipherTrust Key Management Services on the Thales Data Protection on Demand (DPoD) platform provide Bring Your Own Key (BYOK) capabilities as a cloud-based service. With DPoD, you can ensure simple and secure control of your keys and related security policies for encryption within your cloud service providers’ IaaS and PaaS environments and SaaS vendors.
The key broker enables you to retain control of your keys and align your key management policies across environments. The key broker serves as a custodian of keys, providing a consolidated key management directory to manage, search and audit all keys. Using the Key Broker, you can design and enforce policies, helping to ensure compliance.
Generate and import keys into Microsoft Azure Key Vault to enhance data protection and compliance.
Google Cloud EKM
Create, control and store encryption keys outside of the cloud where sensitive data is stored, while leveraging the power of Google Cloud for compute and analytics.
Create tenant secrets for Salesforce and manage your keys and security policies in concert with Salesforce Shield across their lifecycle.
Sign Up For A Free 30-Day Evaluation
Deploy and manage encryption, key management and hardware security modules services on-demand and from the cloud.