<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
Discover our Cloud Console platform for an easy setup and management of your CloudHSM.

Learn more
Products & Solutions
Products & Solutions
Explore our portfolio of cutting-edge cybersecurity solutions, centered around our flagship Hardware Security Modules (HSMs). From encryption and key management to secure access and authentication, our products ensure robust protection for your most critical data and systems.
menu icon
Hardware Security Module (HSM)
HSM Overview What is an HSM? Primus HSM X Cyber Vault Primus HSM X-Series Primus HSM E-Series Primus HSM S-Series Primus HSM Blockchain Post-Quantum Cryptography
menu icon
Cloud Security
Securosys CloudHSM Cloud Console What is CloudHSM? CloudHSM Service Offerings Integrated Technologies HashiCorp Vault S365 DKE - add-in for Microsoft 365 Bring Your Own Key (BYOK) External Key Store (XKS) Proxy for AWS Fortinet Fortigate
menu icon
Additional Products and Services
Decanus Terminal Transaction Security Broker (TSB) Key Attestation Smart Key Attributes (SKA) Docker Image Security
Partners
Support
Support
menu icon
Support
Online Documentation Support Portal System Status Trainings
finance-institution-colourful
What is ...?
What is an HSM? What is CloudHSM? What is BYOK? What is SIC system?
About
About
Learn more about our mission, explore career opportunities, and access our resources. Discover how we’re shaping the future of cybersecurity and how you can be part of it.
menu icon
Securosys SA
About Us Events News Career
menu icon
Resources
Online Documentation Blog Articles Stories and Paper Video Gallery
document-lock-b&w
Certifications
Security Certifications Safety & Compliance Certifications Company Certification
Contact us
  • There are no suggestions because the search field is empty.

Challenge

Running a Hardware Security Module (HSM) demands substantial expertise, resources, and adherence to stringent security protocols. However, for many organizations, managing HSMs is not a core competency. This gap between the necessity for robust security measures and the available expertise poses a significant challenge.

Solution

Our HSM as-a-service or CloudHSM provides a seamless, secure, and cost-effective path to achieving full compliance with data security requirements and regulations. Securosys CloudHSM streamlines the generation, use, and storage of encryption keys by delegating the time-consuming tasks of evaluation, setup, maintenance, and updates to our team of security experts. Thus, allowing you to focus on your core business while resting assured that robust security measures are in place.

Securosys CloudHSM operates on a patented proprietary hardware and software architecture, meticulously crafted and sustained in-house, ensuring end-to-end control without any intermediaries. It is available with dedicated HSMs, or as shared service in multi-tenancy HSMs, either as a Global or as a Regional Swiss, Europe, North America, or Asia-Pacific cluster. For redundancy and availability purposes, these HSMs are deployed in a cluster that keeps all data synchronous in multiple HSMs. With this setup, CloudHSM can offer any organization local, regional, and global HSM-clusters, providing access points in different locations, bringing latency down and offering the service in their jurisdiction.

Get the best of Securosys Primus HSM,
directly from the Cloud

managed service - CloudHSM
Managed Service
CloudHSM is a fully managed service that automates hardware provisioning, software patching, and secure key management. It eliminates the need for upfront infrastructure investments, offering a scalable, compliant solution that simplifies security management and minimizes operational effort.
shield-b&w
Comprehensive Certification Standards
CloudHSM leverages Securosys Primus HSMs, certified for FIPS 140-2 Level 3, Common Criteria EAL4+, EN 419 221-5, and ISO/IEC 27001, ensuring top-tier security and compliance for sensitive data protection and Qualified Electronic Signatures.
easy integration
Simple, seamless integration
Activate CloudHSM immediately, with no setup or evaluation required. Integrate seamlessly into your existing systems via various interfaces such as PKCS#11, openSSL, JCE/JCA, Microsoft CNG interface, or REST API.
locket-circle-blocks-b&w
Flexible Deployment
Available as dedicated HSMs or shared multi-tenant HSMs, Securosys CloudHSM can be tailored to meet various security and compliance needs.
locket-key-b&w
Extensive Cryptographic Features
Securosys CloudHSM offers a broad range of cryptographic features to meet diverse security requirements.
map-sphere-b&w
Patented HSMs with Built-in Back-up Capabilities
Securosys CloudHSM operates on a proprietary hardware and software architecture, ensuring end-to-end control without intermediaries.
shield-compliance-b&w
Reliable and Up-to-Date Services
Benefit from always up-to-date services and security measures with continuous expert operation and firmware updates. Our operation and monitoring services ensure guaranteed uptime and maximum availability.
Key Differentiators
3D-cloud-platforms-colourful

Excellent price-performance ratio

Leverage a shared environment for economical operations without compromising on security. Competitive and flexible pricing options, without initial costs or tied-up capital.

Architecture built for High Security and Availability

Our service is built and hosted by the experts who developed and produced the HSMs for the Swiss payment clearing and settlement system. Securosys CloudHSM operates on a proprietary hardware and software architecture, ensuring end-to-end control without intermediaries.

Global Availability

Compatible with all major cloud service providers, Securosys CloudHSM is accessible through regional clusters in Switzerland, Germany, Singapore, the US, or globally.

Image-4.18

How does it work?

CloudHSM is a cloud-hosted Hardware Security Module (HSM) service that enables you to perform cryptographic operations and manage encryption keys with enhanced security. 

What is CloudHSM?

Image-4.18

Use Cases

colourful-background-patterns-5 PKI (Public Key Infrastructure) The multi-tenancy of CloudHSM allows one partition to be used for the root key of the main Certificate Authority (CA), while clients can utilize additional partitions for sub-CAs. The root key signs certificates for the sub-CAs, streamlining PKI management. Securosys CloudHSM allows as well to switch the partition that holds the root key, cryptographically offline for even more security
colourful-background-patterns-7 Secure Storage of Crypto Assets CloudHSM offers secure generation and management of private keys, which are stored redundantly in an HSM cluster. This ensures that keys remain accessible even if your HSM cluster is unavailable during natural disasters, providing reliable and resilient security for crypto assets. Learn more colourful-background-patterns-13 Highly Secure Blockchain Systems Securosys CloudHSM addresses digital signature issues in Distributed Ledger Technology (DLT) by enabling multi-signature functionality. This procedure requires at least two concurrent authorizations for each action, enhancing security. Learn more
colourful-background-patterns-9 Document Signing and Archiving CloudHSM, ISO 27001 certified and operating on Common Criteria certified Primus HSMs, supports eIDAS or ZertES compliant electronic signatures with qualified certificates. It’s certified to Common Criteria EAL4+ EN 419 221-5, and its patented SKA function ensures sole control of digital signatures. The attestation function also automates audit requirements for Trust Service Providers, simplifying the process of qualified seals.
colourful-background-patterns-4 Code Signing CloudHSM seamlessly integrates into development environments, enhancing code signing automation. Using an Extended Validation (EV) Certificate from a recognized CA ensures software trustworthiness. Compliant with CA/Browser Forum standards, CloudHSM supports issuing and managing Publicly-Trusted Code Signing certificates. Key attestation further ensures keys are generated on the HSM and remain secure, adding extra integrity to your code signing process.
colourful-background-patterns-2 Identity and Access Management CloudHSM enables secure generation and storage of keys to protect digital identities. It offers high availability, centralized security, and easy handling of various digital keys, strengthening identity and access management systems.
colourful-background-patterns Database Encryption Encrypting your database and storing the keys centrally on CloudHSM protects your data effectively. Even if a database is stolen, the encryption keys stored on CloudHSM would prevent unauthorized access to the data.
Securosys Authorization App - Visual module website-2

Securosys Authorization App

Fast, Reliable, and Secure Approvals Anytime, Anywhere.

Authorize cryptographic tasks like signing, decrypting, unsealing, and modifying keys — right from your smartphone. Download the app now. 

Securosys Authorization App - Visual module website-2
GetItOnGooglePlay_Badge_Web_color_English
Download_on_the_App_Store_Badge_US-UK_RGB_blk_092917

Resources

Technical Factsheet Service Packages API References Compliance & Certifications Quick Start Guide CloudHSM Console

FAQs

Explore answers to common questions about Securosys CloudHSM, covering setup, regions, scalability, and secure cloud key management.
What is CloudHSM, and how does it differ from traditional HSMs?
CloudHSM is a service based on our hardware security modules hosted in Securosys’ own cloud, providing secure key storage and cryptographic operations without requiring physical hardware at client’s premises. CloudHSM offers the same security level and capabilities as Securosys’ on-prem HSMs but is managed by Securosys. Securosys has no access to customer data.
Which server regions do you offer?
Securosys CloudHSM is available in the European Community, in Switzerland, in Asia and in the United States of America. For redundancy and availability purposes, these HSMs are deployed in a cluster configuration that keeps all data synchronous over multiple HSMs. With this setup, CloudHSM can offer any organization local, regional, or global HSM-clusters, providing access points in different locations, bringing latency down and offering the service in the relevant jurisdiction.
Does your CloudHSM subscription support Bitcoin and other cryptocurrencies?
Yes, Securosys CloudHSM supports multiple cryptocurrencies, including Bitcoin and many others. Most cryptocurrency algorithms are supported including e.g. BLS or Schnorr. CloudHSM is designed to provide secure key management not only for cryptocurrency transactions but also for any type of blockchain-based solutions.
How do I integrate CloudHSM with my existing applications?
Integration with Securosys CloudHSM is seamless, and supports a wide range of industry-standard APIs, including PKCS#11, openSSL, Microsoft CNG, JCE/JCA, and RESTful APIs. This makes it easy to integrate with various applications, including web services, enterprise systems, and cloud platforms. More details here.
Do I need to maintain any hardware or software?
No, CloudHSM is a fully managed service that automates hardware provisioning and software patching. It eliminates the need for upfront infrastructure investments, offering a scalable solution that simplifies security management and minimizes operational effort.

What are the pricing models for CloudHSM?
CloudHSM is offered in a subscription model, tailorable to meet diverse security needs. For more information please contact Securosys Sales or visit the Cloud Console platform. More details on our service offerings here.
What kind of support and maintenance is provided with CloudHSM?
CloudHSM includes 24/7 support with comprehensive maintenance services. This ensures that your system stays up-to-date with the latest security features, software updates, and performance optimizations.
Is your service certified?
Yes, Securosys CloudHSM leverages Securosys Primus HSMs, certified for FIPS 140-2 Level 3, Common Criteria EAL4+, EN 419 221-5, and ISO/IEC 27001, ensuring top-tier security and compliance, which are required for sensitive data and cryptographic operations. More details here.
Securosys holds my key material. Is it possible to have my own backup?
Yes, while the CloudHSM service redundantly secure the key material, one can additionally perform manual backups through the Decanus Remote Terminal.  This ensures that CloudHSM users maintain full control over their keys and certificates and can recover them at any time. More details here.
Is there a migration path from Cloud to on-premises?
Absolutely. Securosys provides a smooth migration path from CloudHSM to on-prem HSM solutions. If you wish to move to a private or hybrid environment, we offer the necessary tools and support to transfer your key material securely between cloud and on-prem HSMs.

Related Products

cloud-key-colourful CloudHSM Service Offerings Our CloudHSM offerings provide versatile solutions tailored to meet diverse security needs. Multiple Solution Architectures cover most of the requirements and with over 30 pre-configured and well-documented services map-sphere-b&w Cloud Console Effortless setup and management of your cloud-based HSM solution, through a fast, user-friendly cloud console. device-hsm-colourful HSM Overview Our Primus HSM guarantees secure generation, storage, and management of digital identities, encryption keys, and assets.
cloud-key-colourful CloudHSM Service Offerings Our CloudHSM offerings provide versatile solutions tailored to meet diverse security needs. Multiple Solution Architectures cover most of the requirements and with over 30 pre-configured and well-documented services
map-sphere-b&w Cloud Console Effortless setup and management of your cloud-based HSM solution, through a fast, user-friendly cloud console.
device-hsm-colourful HSM Overview Our Primus HSM guarantees secure generation, storage, and management of digital identities, encryption keys, and assets.
cloud-key-colourful CloudHSM Service Offerings Our CloudHSM offerings provide versatile solutions tailored to meet diverse security needs. Multiple Solution Architectures cover most of the requirements and with over 30 pre-configured and well-documented services
map-sphere-b&w Cloud Console Effortless setup and management of your cloud-based HSM solution, through a fast, user-friendly cloud console.
device-hsm-colourful HSM Overview Our Primus HSM guarantees secure generation, storage, and management of digital identities, encryption keys, and assets.
cloud-key-colourful CloudHSM Service Offerings Our CloudHSM offerings provide versatile solutions tailored to meet diverse security needs. Multiple Solution Architectures cover most of the requirements and with over 30 pre-configured and well-documented services
map-sphere-b&w Cloud Console Effortless setup and management of your cloud-based HSM solution, through a fast, user-friendly cloud console.
device-hsm-colourful HSM Overview Our Primus HSM guarantees secure generation, storage, and management of digital identities, encryption keys, and assets.