Secure end-to-end cryptography is becoming table-stakes. Everything needs it, everywhere. How many other fields can you say that about?
Secondly, HSMs are a defense against key theft and long-term impersonation, but not misuse. For example, if your host accessing the HSM is compromised, an attacker can still use your key. Your security model always needs a revocation or recovery strategy for that case.
AWS has the scale to make some seriously big investments in physical security; chain of custody from time of manufacture, well-guarded data centers, proactive penetration tests, etc. ... as well as the resources to make provisioning quick and easy. So much easier than DIY.