HSM on Demand for CyberArk provides a root of trust for CyberArk Privileged Access Security Solution’s top-level encryption key in an HSM.
HSM On Demand for CyberArk generates and stores the server keys, providing private key protection and strong entropy for key generation for CyberArk Privileged Access Security Solution system keys.
Together, HSM on Demand for CyberArk secures the master key that is used within the vault, and is hosted in a secure environment. HSM On Demand for CyberArk mitigates the risk of the master key being exposed or compromised by protecting it in a secure vault.
- Manages keys and certificates within carefully designed cryptographic boundaries
- Provides robust access control mechanisms
- Simplify security audits by following industry best practice for key security
- Ensures that data protected by CyberArk Privileged Access Security Solution is always protected
- Enables policy enforcement
- Ensures keys are only used for their authorized purpose
- Reduces administration overhead