Integrating Securosys HSM with Secret Server
You can integrate Securosys Hardware Security Modules (HSMs) with Secret Server to enhance the security of secret management by providing a secure hardware environment for cryptographic operations and key management.
- This integration supports only Secret Server On-Premises. If you are using Secret Server Cloud or Secret Server on Delinea Platform, see Integrating Delinea Secret Server Cloud and Secret Server on the Platform with XKS Proxy for AWS KMS.
- For the list of HSMs compatible with Secret Server, see the "Compatible HSMs" section of Using Hardware Security Modules in the Secret Server documentation.
This integration offers the following benefits:
- Enhanced key security: The use of HSMs significantly reduces the risk of key compromise by providing a hardware-based solution for key management. HSMs are often designed to be physically tamper-proof and can be placed in secure locations.
- Compliance: By supporting security certifications such as FIPS 140-2 Level 3 and Common Criteria EAL4+, HSMs help organizations meet stringent security standards and achieve regulatory compliance.
- Performance: All cryptographic operations (encryption, decryption, and signing) are performed in hardware, which helps improve performance and free up CPU resources.
- High availability: Clustered HSM deployments help ensure operational continuity and enhance availability by providing load balancing and automatic failover.
- Backup and recovery: HSMs allow for safe backup and recovery of encryption keys.