PALO ALTO, CA – October 31, 2017 – Yubico, the leading provider of authentication and encryption hardware devices for the modern web, today launched the YubiHSM 2, a new, cost-effective Hardware Security Module (HSM) for servers and IoT gateways. The product delivers the highest levels of security for cryptographic digital key generation, storage, and management, supporting an extensive range of enterprise environments and applications.
The YubiHSM 2 differs from traditional HSM models — historically limited in use by cost, size, and performance — by offering advanced digital key protection capabilities and benefits at a price within reach for all organizations. Delivered in an ultra-slim “nano” form factor, the YubiHSM 2 fits inside a USB port, eliminating the need for bulky additional hardware, and offers flexibility for offline key transfer or backup.
Essential security features, including hashing, asymmetric, and symmetric cryptography, are supported by the YubiHSM 2 to protect cryptographic keys while at rest or in use. These keys are most often used by certificate authorities, databases, code signing, and more, to secure critical applications, identities, and sensitive data in an enterprise. Furthermore, the integrity and privacy of commands and data in transit between the application and YubiHSM 2 are protected using a mutually authenticated, integrity- and confidentiality-protected tunnel.
“It’s estimated that 95% of all IT breaches happen when a user credential or server gets hacked. For years Yubico has been protecting user accounts from remote hijacking with our unphishable YubiKey authentication devices, but we knew that millions of servers storing sensitive data were still lacking physical security,” said Stina Ehrensvard, CEO and Founder, Yubico. “It was important to us that we brought a solution to market that embodied the signature Yubico standards of high-security, convenience, and affordability. Now, with the addition of YubiHSM 2, we can enable critical server security for organizations worldwide — regardless of size or budget.”
Common use cases for the YubiHSM 2 include protecting cryptographic keys stored on servers used in data centers, cloud server infrastructures, manufacturing and industrial services. Critical security benefits include:
- Secure Microsoft’s Active Directory Certificate Services – YubiHSM 2 provides a cost-effective hardware-backed key to secure digital keys used in a Microsoft-based PKI implementation. Deploying YubiHSM 2 to Microsoft Active Directory Certificate services not only guards the CA root keys but also protects all signing and verification services using the root key.
- Enhance Protection for Cryptographic Keys – YubiHSM 2 offers a compelling option for secure generation, storage and management of digital keys including essential capabilities to generate, write, sign, decrypt, hash and wrap keys.
- Enable Hardware-Based Cryptographic Operations – YubiHSM 2 can be used as a comprehensive cryptographic toolbox for a wide range of open source and commercial applications. The most common use case being hardware-based digital signature generation and verification. The YubiHSM 2 features can be accessed through Yubico’s Key Storage Provider (KSP) for industry-standard PKCS#11 or Microsoft’s CNG, or via native Windows, Linux and macOS libraries.
Additional features include, optional network-sharing, role-based access controls, remote management, M of N wrap key backup and restore, tamper evident audit logging, concurrent connections (up to 16), and extensive cryptographic capabilities (RSA, ECC, ECDSA (ed25519), SHA-2, and AES).
For more information on the YubiHSM 2, visit https://www.yubico.com/products/yubihsm. Units are available for purchase at www.Yubico.com/store for $650 US. To learn more about Yubico and the company’s products and ecosystem, please visit www.Yubico.com.
About Yubico
Yubico sets new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts.
The company’s core invention, the YubiKey, delivers strong hardware protection, with a simple touch, across any number of IT systems and online services. The YubiHSM, Yubico’s ultra-portable hardware security module, protects sensitive data stored in servers.
Yubico is a leading contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor open authentication standards, and the company’s technology is deployed and loved by 9 of the top 10 internet brands and by millions of users in 160 countries.
Founded in 2007, Yubico is privately held, with offices in Sweden, UK, Germany, USA, Australia, and Singapore. For more information: www.yubico.com.
