We are excited to announce AWS CloudHSM, a new service enabling customers to increase data security and meet compliance requirements by using dedicated Hardware Security Module (HSM) appliances within the AWS Cloud. The CloudHSM service allows customers to securely generate, store and manage cryptographic keys used for data encryption in a way that keys are accessible only by the customer.
AWS provides a variety of solutions for protecting sensitive data within the AWS platform. But for some applications and data subject to rigorous contractual or regulatory mandates for managing cryptographic keys, additional protection is necessary. Until now, organizations’ only options were to maintain data in on-premises datacenters or deploy local HSMs to protect encrypted data in the cloud. Unfortunately, those options either prevented customers from migrating their most sensitive data to the cloud or significantly slowed application performance.
With AWS CloudHSM, customers maintain full ownership, control and access to keys and sensitive data while Amazon manages the HSM appliances in close proximity to their applications and data for maximum performance. For more information about Amazon HSM, visit http://aws.amazon.com/cloudhsm/.