Google Cloud Platform is launching a new hardware-based offering to complement its Cloud Key Management Service with new standards compliant key generation methods to help customers with their most sensitive information.
The new enterprise service, called Cloud HSM, is designed for the creation of cryptographic keys via dedicated hardware security modules (HSM). This will allow companies to have FIPS 140-2 Level 3 compliant cryptography without the overhead and fuss of managing the hardware themselves, such as patching and scaling. Offloading the work to Google Cloud also comes with the benefit of integration with other Google products:
And because the Cloud HSM service is tightly integrated with Cloud KMS, you can now protect your data in customer-managed encryption key-enabled services, such as BigQuery, Google Compute Engine, Google Cloud Storage and DataProc, with a hardware-protected key.
The hardware supports encryption & decryption with AES-256 symmetric and RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 asymmetric cryptographic keys. Pricing starts at $0.03 per 10,000 operations. You can learn more about Cloud HSM from its homepage and documentation.