Compliance

Securosys CloudHSM is powered by physical Hardware Security Modules (HSMs), specifically Primus HSM, which have earned the certifications listed on this page.

For clusters in FIPS mode, Securosys CloudHSM provides FIPS-approved HSMs that meet FIPS-2 Level 3 compliance requirements. Customers also have the option to choose clusters that are non-FIPS mode. For details on what certification and compliance requirements apply to each, review the different Service Packages.

FIPS 140-2 Level 3

Indicates that the HSMs have strong physical security, controlled access, and robust key management practices, making it suitable for protecting sensitive information in various applications.

• FIPS 140-2 Level 3 - Certificate #4583 / Certificate #3430
• FIPS 140-3 (Certification in progress) - View the Implementation Under Test List

Cryptographic Algorithm Validation Program (CAVP)

Indicates that the algorithms and functions meet stringent security standards, verifying their ability to securely handle encryption, key management, and other cryptographic operations in compliance with federal regulations.

Explore the detailed algorithm certificates

Common Criteria EAL4+ - View the HSM certificate | View the QSCD attestation

Securosys CloudHSM uses real Hardware Security Modules (HSMs) that are Common Criteria EAL4+ certified and comply with EN 419 221-5.

This ensures compliance with the strict requirements for Qualified Electronic Signature (QSCD) and Seal Creation Device (QSealCD) as well as SCAL2 compliance according to EU regulation 910/2014, normed in EN 419-241-2.

ISO/IEC 27001 - View the certificate

This certification reflects the high standards upheld by the team responsible for managing and securing the service, particularly in protecting sensitive information, risk management, and security controls.

All data centers hosting CloudHSM instances worldwide are also ISO/IEC 27001 certified and meet or exceed Tier 3 standards, ensuring robust physical security and infrastructure resilience.

ISO 9001:2015 - View the certificate

This certification demonstrates Securosys’s commitment to high standards of quality management across its operations. It ensures that every aspect of the service, from design to delivery, follows a systematic and reliable process that prioritizes customer satisfaction and continuous improvement.

Last update: September 2024