About IBM Cloud Hardware Security Module

IBM Cloud® Classic infrastructure Hardware Security Module (HSM) provides dedicated, single-tenant encryption, key management, and storage that uses Hardware Security Modules (HSMs). An HSM is a physical device that safeguards and manages digital keys for strong authentication and provides crypto-processing.

IBM Cloud personnel manage and monitor the health of the HSM appliance and operating environment, and don't have access to where your keys are stored. This separation of key and data management duties is for data security governance and regulatory alignment.

IBM Cloud® HSM offers the following two Thales SafeNet Luna module options:

• Thales SafeNet Luna a750, IBM Cloud HSM 7.0 is FIPS 140-2 Level 3 certified. With this certification, you can solve complex security, compliance, data sovereignty, and control challenges that are associated with migrating and running cloud-based workloads.
• Thales SafeNet Luna SA 7000, IBM Cloud HSM 6.0 is FIPS 140-2 Level 2 certified for PKI, digital signatures, and cryptographic key storage.

Supported operating systems include AIX, Linux, Oracle Solaris, and Microsoft Windows.

Benefits of IBM Cloud HSM include

• Improved compliance with data security governance and regulatory requirements and comprehensive control over encryption keys
• Management of the key lifecycle by the customer from creation to destruction
• Increased security from private network access
• Integration of applications or storage services through APIs
• Reduce IT costs by using the IBM Cloud infrastructure to manage the hardware, physical security, and operating environment