Creating virtual Hardware Security Models (HSMs) within an on-premises HSM is a great way to maximise your return on investment (ROI), says Ruchin Kumar, Vice President, South Asia, Futurex, an enterprise data security solution provider. He adds that the more virtual HSMs an organisation uses, the more cryptographic use cases it can fulfil. HSM virtualisation reveals the true potential of HSM infrastructure, according to Kumar.
Excerpts from the interview:
Can you explain what HSM virtualisation is and how it can benefit MSMEs?
A virtual Hardware Security Model (HSM) is an independent instance of a physical HSM created within the secure boundary of a physical HSM. The virtual HSM is completely independent: it has its own major keys, network and TLS settings, security policies, and throughput limits. Creating virtual HSMs within an on-premises HSM is a great way to maximise your return on investment (ROI). Rather than acquiring separate HSMs to process payments, encrypt databases, and manage keys, you can accomplish everything with one HSM running virtual HSMs. Each virtual HSM can be dedicated to its own set of use cases, applications, and workloads. You could even spin up virtual HSMs within a cloud HSM, greatly reducing capital expenditures (Capex). In short, HSM virtualisation reveals the true potential of HSM infrastructure.
How does HSM virtualisation improve the security of an organisation’s data and infrastructure?
More cryptography is always a good thing, when it comes to security. HSM virtualisation improves your organisation’s security posture in the same way that deploying more HSMs makes you more secure. The more virtual HSMs you use, the more cryptographic use cases you can fulfil. For example, your organisation might deploy an HSM to encrypt customer data or applications; later, you might decide to use strong encryption to secure your databases. Rather than buying a new HSM, in a matter of minutes you can create a virtual HSM to encrypt your databases.
In what ways can HSM virtualisation enhance the efficiency and effectiveness of an organisation’s data management and storage processes?
Virtual HSMs can be deployed almost immediately to perform any cryptographic task. They can be assigned to handle specific applications and workloads, too. Futurex offers intuitive web-based interfaces with which users can visually manage their on-premises, cloud, and virtual HSM infrastructure. Virtual HSMs’ ease of deployment, powerful functionality, and intuitive management make them an efficient way to protect and manage data, both in transit and at rest.
How does Futurex’s expertise in cryptography contribute to the reliability and security of its HSM virtualisation solutions?
Futurex has been providing enterprise-grade cryptography for over 40 years. Our company’s history has been defined by a number of industry “firsts”. Not only did we introduce HSM clustering with our Guardian Series of cryptographic management devices, but we also went on to develop the first all-in-one key management solution in the KMES Series. As far as HSM virtualisation goes, our Vectera HSM was the first HSM on the market to offer HSM virtualisation, triggering a wave of competitors to follow in our footsteps. Today, Futurex is developing innovative cryptographic solutions in the cloud to help organisations to transform their cybersecurity strategies.
Can you provide some examples of industries or use cases where HSM virtualisation is particularly relevant or beneficial for MSMEs?
Every cryptographic use case required of an MSME can be easily accomplished using virtual HSMs. Let’s say that an application developer needs to build cryptographic functionality into their application to protect their user’s data. An HSM can easily accomplish this. But let’s say that they also want to manage encryption keys, establish authentication between users on their network, and encrypt their local files as well. With minimal effort, the application developer could spin up virtual HSMs to accomplish these tasks.
How does Futurex support its clients in implementing and maintaining HSM virtualisation solutions?
Futurex maintains teams of certified Solutions Architects and technical support specialists who provide client-specific services 24/7/365. We have also partnered with distributors and consultants all across the world to deliver industry leading HSM virtualisation solutions to organisations of every size and across every market vertical.
Can you discuss any case studies or success stories of MSMEs that have implemented HSM virtualisation with Futurex and seen positive results?
There are multiple customer success stories documented on our website. A recent one involved a Brazilian payments company that sought to pioneer Banking-as-a-Service (BaaS) in the LAC market. The company successfully deployed our VirtuCrypt cloud service to create a pool of cryptographic resources shared amongst its business units—all managed from a central location. This led to streamlined cryptographic management system and new revenue streams for the company.
Can you describe the technical infrastructure and support required for implementing HSM virtualisation and how Futurex assists in this process?
Virtual HSMs are created within the boundary of an actual HSM, which can be deployed on-premises or through the cloud. Either method requires appropriate forethought and planning, but cloud HSMs tend to be fast and easy to deploy, requiring only a license to use the cloud platform (in the case of VirtuCrypt).
Can you discuss any additional features or capabilities of Futurex’s HSM virtualisation solution that make it particularly valuable for MSMEs?
In the recent past, organisations had to deploy separate HSMs for separate use cases. If an organisation needed to secure an oracle database, it needed an HSM. If that organisation later wanted a certificate authority (CA) to bring new devices onto its network in a secure way, it needed a second HSM. Futurex’s HSM virtualisation capabilities give organisations the administrative and financial flexibility to establish their ideal cryptographic infrastructures without having to worry about excessive capital expenditures or cryptographic sprawls.
How does Futurex’s HSM virtualisation solution compare to those offered by other vendors in terms of cost, performance, and security?
Futurex was the first company to offer HSM virtualisation solutions, and it remains the best for a simple reason: innovation. We are constantly developing new cloud services—such as native cloud integrations and BYOK solutions—that make life easier for our customers. Our drive to innovate, as well as the superb customer support we offer, is all part of our customer-focused philosophy. It’s carried us a long way over the past 40 years, and we’re looking forward to where it takes us next.