A lot of people are concerned that their encryption keys stored in cloud services such as AWS KMS, Azure Keyvault, or GCP KMS, are not really secure. This can be a particular concern for people working in highly regulated industries. So how can you know if your keys are secure? In this video Dr Graham Steel explains the issues that our customers often ask us about.
References: The Cloud Act  AWS white paper on cloud KMS  Google Cloud white paper on KMS  What is an HSM and how does it work?  How Ledger hacked an HSM  Excerpt of ‘Security Engineering’ by Ross Anderson [7a] Recording of our webinar comparing the cloud KMS offered by AWS, GCP and Azure [7b] Upcoming webinar on third party alternatives to KMS  Webinar about real life cryptography breaches