what is an hsm

A Hardware Security Module (HSM) is a physical computing device that provides extra security for sensitive data. It is a specialized, highly trusted physical device that safeguards and manages cryptographic keys and provides cryptographic processing. HSMs are used to provision cryptographic keys, perform encryption and decryption functions for digital signatures, strong authentication, and other cryptographic functions. They are used for real-time authorization and authentication in critical infrastructure and are typically engineered to support standard high availability models including clustering, automated failover, and redundant field-replaceable components. HSMs provide both logical and physical protection of cryptographic keys and other secrets from disclosure, non-authorized use, and potential adversaries. HSMs are used by businesses to keep cryptographic functions related to transactions, identities, and applications separate from regular operations and to control access to those functions. HSMs support a range of application programming interfaces (APIs) that enable application integration and the development of custom applications, including the Public-Key Cryptography Standard and Cryptography API Next Generation. Any business that handles valuable or sensitive information should consider using an HSM.