What type of dedicated cryptographic processor that provides protection for cryptographic keys?

What do Hardware Security Modules do?

A hardware security module (HSM) is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. Hardware security modules act as trust anchors that protect the cryptographic infrastructure of some of the most security-conscious organizations in the world by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device.

What is the purpose of Hardware Security Modules?

Enterprises buy hardware security modules to protect transactions, identities, and applications, as HSMs excel at securing cryptographic keys and provisioning encryption, decryption, authentication, and digital signing services for a wide range of applications.

What Makes Thales the Best HSM Vendor?

Thales Hardware Security Modules provide the highest level of security by always storing cryptographic keys in hardware. They provide a secure crypto foundation as the keys never leave the intrusion-resistant, tamper-evident, FIPS-validated appliance. Since all cryptographic operations occur within the HSM, strong access controls prevent unauthorized users from accessing sensitive cryptographic material. Thales also implements operations that make the deployment of secure HSMs as easy as possible. They are integrated with Thales Crypto Command Center for quick and easy crypto resource partitioning, reporting and monitoring.

Thales HSMs adhere to rigorous design requirements and must pass through stringent product verification testing, followed by real-world application testing to verify the security and integrity of every device.

Thales HSMs are cloud agnostic, and are the HSM of choice for Microsoft, AWS and IBM, providing a “rentable” hardware security module (HSM) service that dedicates a single-tenant appliance located in the cloud for customer cryptographic storage and processing needs.

How are you navigating today's business data security changes?

2022 Thales Data Threat Report

Download the full global report and read about data security trends and changes in an era of hybrid work, ransomware and cloud transformation.
 

Get the Report

With Thales Hardware Security Modules, You Can:

• Address compliance requirements with solutions for Blockchain, GDPR, IoT, paper-to-digital initiatives, PCI DSS, digital signatures, DNSSEC, hardware key storage, transactional acceleration, certificate signing, code or document signing, bulk key generation, data encryption, and more.
• Keys are generated, and always stored in the intrusion-resistant, tamper-evident, FIPS-validated appliance, providing the strongest levels of access controls.
• Create partitions with a dedicated Security Officer per partition, and segment through admin key separation.

Read our white paper
 

Thales Luna General Purpose HSMs:

Available in a wide range of form factors and performance options, Thales Luna General Purpose HSMs safeguard the cryptographic keys used to secure transactions, applications, and sensitive data.

Contact a specialist about Hardware Security Modules

What is a Hardware Security Module?

Thales Luna Network HSM

Thales Luna Network HSM is a network-attached HSM protecting encryption keys used by applications in on-premises, virtual, and cloud environments. Thales Luna Network HSMs are both the fastest and most secure HSMs on the market. Increase your return on investment by allowing multiple applications or business units to share a common HSM platform.

Thales Luna PCIe HSM

An embedded HSM, Thales Luna PCIe HSM protects cryptographic keys and accelerates sensitive cryptographic operations. The ideal solution for dedicated performance or application security use cases.

Thales Luna USB HSM

Thales Luna USB HSM is an USB-attached HSM that is ideal for storing root cryptographic keys in an offline key storage device. Easy implementation for proof of concepts.

Thales ProtectServer HSM

Available in network attached and PCIe form factors, Thales ProtectServer Hardware Security Modules (HSMs) are designed to protect cryptographic keys against compromise while providing encryption, signing and authentication services to secure Java and sensitive web applications.

Thales ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware.

Thales Crypto Command Center

Managing hardware security modules virtually is now not only possible, but easy for administrators. With Thales Crypto Command Center, organizations easily provision and monitor crypto resources for their Thales Luna Network HSMs and reduce IT infrastructure costs.

Combining Thales Crypto Command Center with our Thales HSMs, IT departments can leverage a crypto hypervisor to deliver on-demand, elastic cryptographic services for data protection via cloud environments.

Luna Cloud HSM

Luna Cloud HSM services are available on the Thales Data Protection on Demand (DPoD) online marketplace. With Luna Cloud HSM services, customers can store and manage cryptographic keys, establishing a common root of trust across all applications and services, while retaining complete control of their keys at all times. HSMs are also used to perform cryptographic operations such as encryption/ decryption of data encryption keys, protection of secrets (passwords, SSH keys, etc.), and more, across environments.

Enjoy the flexibility to move freely between cloud, hybrid and on-premises environments for cloning, backup and more in a purpose-built hybrid solution while always remaining in control with Thales hybrid Luna HSMs.

Luna Backup HSM Solutions

Thales offers flexible options to help maintain business continuity, with offline backup HSM and cloud backup HSM solutions that follow security best practices by maintaining keys in hardware throughout their lifecycle, protecting those keys even when not in use and reducing the attack surface.

Post-Quantum Risk Assessment

In just 5 minutes you will gain a better understanding of your organization's post-quantum breach risk.

Thales HSMs Play Well with Others

A broad range of innovative technology partners utilize Thales Hardware Security Modules as roots of trust, relied upon to secure sensitive data, transactions, applications, and more around the world.

Explore Our Integrations

Quantum-Safe Crypto Key Management: Why Now!

Data privacy legislation is extending its reach beyond the basic requirements of personally identifiable information to include information that could be detrimental to the critical infrastructure of a city or country.

Risk Management Strategies for Digital Processes with HSMs - White Paper

An Anchor of Trust in a Digital World Business and governmental entities recognize their growing exposure to, and the potential ramifications of, information incidents, such as: Failed regulatory audits Fines Litigation Breach notification costs Market set-backs Brand...

Hardware Security Modules (HSMs) are hardened, tamperresistant hardware devices that that protect cryptography keys used for such functions as encryption, digital signing and key generation.

NASDAQ OMX - HSM - Case Study

The inventor of the electronic exchange, The NASDAQ OMX Group provides transformative technologies for the entire lifecycle of a trade—from risk management to trade to surveillance to clearing. In the U.S. and Europe, the company owns and operates 23 markets, three...

Which of the following is defined as a security analysis of the transaction within its approved context?

What technology enables authorized users to use an unsecured public network such as the Internet as if it were a secure private network?

What secure protocol is recommended for network address translation?

What can be configured that can help to evenly distribute work across the network and make use of both servers in a manner that is transparent to the end users?