Hardware Security Module (HSM)

A Hardware Security Module (HSM) is a physical security device that safeguards and manages digital keys, performs encryption and decryption services, strong authentication, and often have tamper detection and prevention built into the devices themselves. Each HSM contains one or more secure ‘cryptoprocessor’ chips to prevent tampering and ‘bus probing’. 

A common example of HSMs in our daily lives is our use of Automated Telling Machines (ATMs). We all possess ATM or Debit cards that allow us to gain access to our bank account. When you insert your card into the machine, it verifies that the 4 digit PIN you enter matches the reference PIN known to the card issuer. Similarly, this is how a network administrator would gain access to sensitive information. They would have their physical security card (or device) along with another form of authentication such as a password they know or biometric information (fingerprint, retina scan). HSMs are used as a form of Two-Factor Authentication when attempting to access critical data in a network or system. 

What does this mean for an SMB?

Network administrators at an MSP or SMB may not have much reason to work with an HSM to secure their company or network.  The exception here is high security SMBs working on government contracts which need to protect CUI, ITAR, or Top secret data.  In these cases, they may receive an HSM from the government to protect the data entrusted to them.  For most others, it is not likely to be used or needed. While HSMs have their place, it is more important for MSPs and SMBs to implement other security tools listed below in your toolbelt. CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:

To learn more about Hardware Security Modules (HSMs), watch this short 3-minute video:

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.

Find out how CyberHoot can secure your business.

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.