Where Should Security Keys be Kept in the Cloud?

Published

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

The use of cryptographic keys is a linchpin of modern security. When it comes to the cloud, there is some debate as to where those keys should exist and how their placement impacts cloud security.

Andy Ellis, chief security officer at Akamai, has his fair share of experience building and deploying key management infrastructure and notes that placement all depends on the threat model.

In a video interview, Ellis details his views on key management in the cloud and also provides a preview of Akamai’s upcoming Internet security report.

“If you have a machine that creates TLS connections, for all intents and purposes it has access to the TLS keys, whether you leave them in an HSM (hardware security module) or a crypto server,” Ellis said.

Watch the video interview with Andy Ellis below:

Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

This field is required This field is required

Get the free Cybersecurity newsletter

Strengthen your organization’s IT security defenses with the latest news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

This field is required This field is required