Amazon announced on Tuesday its launch of CloudHSM, a security service provided to Amazon Web Services users who are required to meet internal, contractual, or regulatory compliance standards for digital data security.
The service provides an option for protecting data by utilizing a dedicated Hardware Security Module (HSM) within Amazon’s cloud.
Up until the Amazon CloudHSM announcement, Amazon recommended that companies using its cloud storage services store restricted data keys in its on-premises data centers.
Conventionally, customers would expect a Hardware Security Module to be dedicated, acting as a strongbox used to store keys while running cryptography. Amazon aims to change that with its CloudHSM, bringing dedicated security to its customers through the cloud.
Amazon had this to say in a recent blog post,
“brings the benefits of HSMs to the cloud. You retain full control of the keys and the cryptographic operations performed by the HSM(s) you create, including exclusive, single-tenant access to each one. Your cryptographic keys are protected by a tamper-resistant HSM that is designed to meet a number of international and US Government standards including NIST FIPS 140-2 and Common Criteria EAL4+.”
There’s an upfront fee of $5,000 for the service and then either an hourly rate of $1.88, or a monthly fee of $1,373. You can find more pricing information on Amazon’s AWS CloudHSM website.