Yubico debuts a thumbnail-sized encryption module for data centers
Yubico AB is best known as a maker of USB security keys that help users verify their identities when logging into important applications, but its business focus isn’t limited to personal authentication alone. The Swedish company also offers an encryption module for data centers that received a major refresh this morning.
Yubico has unveiled a new iteration of the product, the YubiHSM 2 (pictured), that promises to help companies securely store the cryptographic keys they use to encrypt their data. The module, which retails for $650, is compact enough to fit inside a USB port on a server chassis. That’s a far cry from the traditional hardware security modules normally used to handle ciphers, which are closer in size to a mobile motherboard.
Despite the compact form factor, however, the YubiHSM 2 packs an extensive feature set. Yubico says that it can not only store cryptographic keys but also generate new ones and carry out the security operations for which they're used. Because this is all done directly on the device, keys can be isolated to a large degree from the applications using them, which in turn makes it more difficult for would-be hackers to steal them.
For added measure, the YubiHSM 2 only interacts with workloads via mutually authenticated connections. And all activity is recorded on the device in the form of a hash chain, a data management scheme similar to a blockchain. Each log entry contains a snapshot of the preceding one, which makes it relatively easy to check whether an entry has been tampered with.
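An added illustration of the hash-chain idea described above, written for this page and not taken from Yubico: a generic Python log in which each entry embeds the SHA-256 digest of the previous one. The field names, the all-zero starting value and the sample events are constructed, and this is not the YubiHSM 2's actual log format.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # constructed "previous digest" for the first entry


def entry_digest(entry):
    """SHA-256 over the entry's fields, which include the previous entry's digest."""
    body = {k: entry[k] for k in ("seq", "event", "prev")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def append(log, event):
    """Add an event, linking it to the digest of the entry before it."""
    entry = {"seq": len(log) + 1, "event": event,
             "prev": log[-1]["digest"] if log else GENESIS}
    entry["digest"] = entry_digest(entry)
    log.append(entry)


def verify(log, trusted_head=None):
    """Walk the chain; optionally compare the last digest with one stored elsewhere."""
    prev = GENESIS
    for i, entry in enumerate(log, start=1):
        if entry["seq"] != i or entry["prev"] != prev:
            return f"broken link at entry {i}"
        if entry["digest"] != entry_digest(entry):
            return f"digest mismatch at entry {i}"
        prev = entry["digest"]
    if trusted_head is not None and prev != trusted_head:
        return "head mismatch"
    return "ok"


def sample_log():
    """Constructed events, not real device output."""
    log = []
    for event in ("session opened by key 1", "generate key 7",
                  "sign with key 7", "session closed"):
        append(log, event)
    return log


if __name__ == "__main__":
    log = sample_log()
    head = log[-1]["digest"]        # verifier keeps this copy off the logging host
    edited = copy.deepcopy(log)
    edited[1]["event"] = "generate key 9"
    print(verify(edited, head))     # in-place edit of one entry
    print(verify(log[:-1], head))   # log with its last entry removed
```

Walking the chain catches an in-place edit, but a log that has been truncated or re-chained from the edited entry onward still verifies internally, so the verifier also compares the final digest with a copy kept off the logging host.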
Topping off the feature set are administrative capabilities designed to make it easier for companies to incorporate the YubiHSM 2 into their infrastructure. A remote management tool lets operations personnel centrally configure multiple modules, while access controls provide the ability to restrict how applications use keys.
Yubico has equipped the YubiHSM 2 with support for several popular cryptography schemes to accommodate different use cases. Companies can employ the module to secure sensitive applications such as databases and user directories, as well as sign the code written by their developers to verify that it hasn’t been corrupted prior to release.
Image: Yubico