Q. What is the difference between a software-protected and HSM-protected key with Azure Key Vault?
A. Both types of key have the key stored in the HSM at rest. The difference is for a software-protected key when cryptographic operations are performed they are performed in software in compute VMs while for HSM-protected keys the cryptographic operations are performed within the HSM.
In test/dev environments using the software-protected option is recommended while in production use HSM-protected. The only downside with HSM-protected is an additional charge per-month if the key is used in that month.
0 comments
Hide comments
Recommended Reading
OpenStack Caracal Release Focuses on AI, Performance, Security
Apr 03, 2024
Navigating Single vs. Multiple AWS Accounts for Optimal Cloud Management
Feb 21, 2024
Big 3 Cloud Providers Continue to Outperform as AI Drives Growth
Feb 02, 2024
How To Build an International Shipping Software System
Jan 30, 2024