AWS CloudHSM is a cloud-based hardware security module that lets you generate and use your own encryption keys on the AWS cloud. In this video, explore single-tenant HSM encryption key services. Learn about the pros and cons and explore the integration options with Key Management Service.
- [Instructor] If you need absolute key security … for data encryption and decryption, … and you can't use the key management service … because of your compliance rules and regulations, … maybe you want to consider using CloudHSM. … CloudHSM is a hardware storage module that allows you … to perform cryptographic operations for key storage. … You're taking this away from the key management service … and carrying out the process yourself. … You define a security officer which will control … the access to these keys. … You will also have application administrators … that has no direct access to the keys. … They would have to interface with the security officer, … and this complies with PCI DSS, FIPS 140-2 Level 3. … If you have to follow these different compliance decrees, … then perhaps you'll have to use hardware devices at AWS. … Once you order a CloudHSM, you, the customer, … have dedicated access to that HSM device. … You, the customer, are the only entity that has access … to the keys and the key operations. …
Skill Level Intermediate
1. Infrastructure Security
2. Data Protection
3. Detective Controls
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.