nCipher Security nShield as a Service

Additional Info

CompanynCipher Security
Company size (employees)100 to 499
Type of solutionHardware


nShield as a Service is a subscription-based solution for generating, accessing and protecting cryptographic key material, separately from sensitive data, using dedicated FIPS 140-2-certified nShield Connect HSMs.

Deploying nShield in a service-oriented manner delivers a cloud provider agnostic solution, ensuring the enterprise is always in control of their crypto assets and enabling applications and workloads to be moved between cloud providers without complex migration strategies, rekeying or rework and avoiding any risk to key material during the change of provider. nShield as a service can be adopted as a replacement for, or alternative to, on-premises HSMs or used to supplement capacity to deal with spikes in demand. nShield-as-a-service connects HSMs to the enterprise network, enabling applications to leverage cryptography as if locally attached ensuring control of key material is retained by the enterprise while benefiting from migrating their workloads to the cloud.

How we are different

An advantage of subscribing to nCipher Security’s nShield as a service is the considerable benefits of outsourcing the management and administration of the HSMs to nCipher’s dedicated team who will manage the HSMs on behalf of the enterprise within industry best practices and PCI compliant processes. Furthermore the nCipher team can organize and run key ceremonies for the enterprise under fully compliant and auditable conditions.

Users retain control of their keys through strong multi-party authorisation (k of n model). This also means that providers cannot access keys, giving the providers themselves an element of plausible deniability. nShield-as-a-service also provides a cryptographically secure computing environment - Codesafe - which enables users to develop application code to run inside the tamper-resistant boundary of the HSMs, providing protection against Advanced Persistent Threats (APTs) as well as insider and other adversarial attacks.

Deploying nShield HSMs as a service is a powerful enabler for lowering the total cost of ownership of HSMs in the enterprise. The seamless scaling of Security World makes sharing of an estate of HSMs between geographically or logically separated users simple and straightforward.