Global digital security company Gemalto, with 2018 annual revenues of €3 billion and customers in over 180 countries, has announced the availability of three new cloud-based Hardware Security Module services. The launch of these three new HSM services follows “a worsening threat landscape, combined with aggressive cloud adoption and evolving privacy regulations.”
According to Gemalto, the rapid adoption of cloud and digital services has made it difficult for organizations to secure data and identities that are created, stored and managed outside the perimeter. While organizations would recognize that data encryption is the optimal solution to secure sensitive information, they can be challenged by the cost and complexity of deploying encryption, including Hardware Security Modules to secure their cryptographic operations.
Gemalto’s SafeNet Data Protection On Demand would solve these challenges by providing cloud-based HSM services that and can be deployed in minutes without the need for highly skilled staff. Gemalto’s HSM solutions would enable organizations to secure their encryption keys and data across cloud, hybrid, and on-premises environments.
“Many organizations would like to deploy data security more broadly, but are often wary due to concerns about complexity, cost and staffing requirements, particularly with respect to encryption and key management,” said Garrett Bekker, Principal Analyst at 451 Research. “The release of SafeNet Data Protection On Demand was a positive step towards addressing those concerns, and extending its cloud HSM capability to newer use cases like blockchain, database security and privileged credentials is a logical and timely move.”
Gemalto’s three SafeNet Data Protection On Demand solutions include:
- HSM On Demand for CyberArk – works “seamlessly” with CyberArk’s Privileged Access Security Solution, providing private key protection and strong entropy for key generation for system keys. By securing the master key and ensuring that it is hosted in a secure vault, HSM On Demand for CyberArk would mitigate the risk of the master key being exposed or compromised.
- HSM On Demand for Hyperledger – would provide trust for blockchain transactions by securing the cryptographic keys that sign them. It protects digital wallets, while ensuring keys are readily available in the cloud once access is granted. This service would provide high-assurance security in data centers and the cloud, enabling multi-tenancy of blockchain identities per partition as proof of transaction and for auditing requirements. It also delivers performance improvements resulting from off-loading cryptographic operations from application servers to the HSM on Demand service.
- HSM On Demand for Oracle TDE (Transparent Data Encryption) – solves the challenge presented by locally stored encryption keys by protecting them with a master key, stored in a separate service key vault. This would ensure that only authorized services are allowed to request the local key to be decrypted. If an attacker steals the database, it is encrypted and inaccessible, since the attacker does not have access to the keys that are securely stored on the HSM.
About Gemalto
Gemalto’s 15,000 employees operate out of 110 offices, 47 personalization and data centers, and 35 research and software development centers located in 47 countries. From secured software to biometrics and encryption, Gemalto’s technologies and services enable businesses and governments to authenticate identities and protect data so they stay safe and enable services in personal devices, connected objects, the cloud and in between.
