The data security architecture of the financial sector is in the process of transitioning away from on-premises infrastructure to cloud-hosted infrastructure. Initially, payment applications and payment HSMs were managed onpremises at an organization’s own data centers. Over time, many organizations migrated to the cloud in order to increase scalability and reduce internal IT operating costs.
As organizations moved to partial cloud environments, payment applications were moved to the cloud while HSMs were maintained on-premises. This hybrid approach allowed for flexibility and redundancy for the payment application. But there was still the burden of managing HSMs on-premises. This included staff training, compliance audits, and higher up-front capital expenditure.
After fully realizing the benefits of the cloud, many payment services providers found that moving HSMs to the cloud provided more opportunities to lower their total cost of ownership (TCO) while raising efficiency. Today, many organizations host their payment applications with a public cloud provider and their HSMs with a cloud HSM service, such as Futurex’s VirtuCrypt cloud payment HSM service. These organizations reap the benefits of hosting in the cloud – flexibility, customizability, reduced cost – and maintain the high standard of hardware-backed security. Organizations self-manage the connection between their payment applications and their cloud HSMs.
When using cloud HSMs that are natively integrated with public cloud providers, operational burdens are significantly reduced. Networking infrastructure is simplified, onboarding is faster, and high availability (multi-cloud and multiregion) is easier to attain. As an added bonus, operational tasks like invoicing and payments are built on top of the organization’s existing public cloud account management structure.
