From the course: AWS Administration: Security Operations
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Explore Cloud HSM - Amazon Web Services (AWS) Tutorial
From the course: AWS Administration: Security Operations
Explore Cloud HSM
- [Instructor] If you need absolute key security for data encryption and decryption, and you can't use the key management service because of your compliance rules and regulations, maybe you want to consider using CloudHSM. CloudHSM is a hardware storage module that allows you to perform cryptographic operations for key storage. You're taking this away from the key management service and carrying out the process yourself. You define a security officer which will control the access to these keys. You will also have application administrators that has no direct access to the keys. They would have to interface with the security officer, and this complies with PCI DSS, FIPS 140-2 Level 3. If you have to follow these different compliance decrees, then perhaps you'll have to use hardware devices at AWS. Once you order a CloudHSM, you, the customer, have dedicated access to that HSM device. You, the customer, are the only entity that…
Contents
-
-
-
-
Data protection in transit and at rest6m 20s
-
(Locked)
Data encryption options for storage services5m 21s
-
(Locked)
S3 Encryption4m 7s
-
(Locked)
Key Management Service4m 48s
-
(Locked)
Explore Cloud HSM4m 41s
-
(Locked)
Analyze breaches with Amazon Macie6m 19s
-
(Locked)
Certificate Manager4m 56s
-
(Locked)
Demo: Amazon Macie2m 57s
-
-
-