CIO Influence
CIO Influence News Cloud Security

Microsoft Integrates Marvell NIST FIPS 140-3 Level-3 Compliant LiquidSecurity HSMs into Azure Key Vault and Managed HSM Services

Microsoft Integrates Marvell NIST FIPS 140-3 Level-3 Compliant LiquidSecurity HSMs into Azure Key Vault and Managed HSM Services

Essential technology, done right (PRNewsfoto/Marvell Technology Group Ltd.)
Marvell Technology,  a leader in data infrastructure semiconductor solutions, today announced that Microsoft—which extensively uses the Marvell LiquidSecurity family of HSMs to perform encryption, key management, and other security functions within Azure—will update its fleet of LiquidSecurity HSMs to the FIPS 140-3, Level-3 standard to further enhance its internal security posture and the portfolio of security services offered to its customers.

Marvell LiquidSecurity 1 and LiquidSecurity 2 hardware security modules (HSMs) achieved FIPS 140-3 Level-3 certification from the National Institute of Standards and Technology (NIST) in June. Stringent FIPS 140-3 certification is required by many financial institutions and government organizations and, to date, has largely been available only with traditional HSMs for on-premise use.

Also Read: Rethinking Business Intelligence: 3 Imperatives for CEOs

“We congratulate Marvell on achieving NIST FIPS 140-3, Level-3 certification of its LiquidSecurity HSMs which power our Azure Key Vault and Azure Key Vault Managed HSM services, and on which we continue to innovate new offerings,” said Soumya Subramanian, VP of Cloud Security Engineering at Microsoft Azure. “Through our collaboration with Marvell, we are able to offer Azure’s customers the most secure and compliant key management services available in Public, Sovereign or Government clouds today.”

FIPS 140 (Federal Information Processing Standard) is a set of security requirements established by NIST (National Institute of Standards and Technology) and managed by both the United States and Canada as part of the CMVP (Cryptographic Module Validation Program). They specify the security requirements that will be satisfied by a cryptographic module, providing four increasingly stringent levels intended to cover a wide range of potential applications and environments. Many government organizations and financial institutions are mandated to use NIST FIPS-certified HSMs for encryption and key management. Because of the rigorous testing required to meet this certification, the use of HSMs has grown across all markets and use cases have proliferated.

FIPS 140-3 introduces several new security enhancements over FIPS 140-2. This new NIST FIPS 140-3 certification will eventually replace FIPS 140-2 certification as the latter will be moved to Historical List by September 21, 2026.

Transforming Encryption Through Optimized Processors

LiquidSecurity devices were created to eliminate the friction associated with achieving better security. A critical element of global commerce, HSMs perform the authentication and encryption processes behind secure key protection and management, credit card purchases, ATM withdrawals, sign-in services and other high-volume transactions. HSMs have historically been packaged as 1U and 2U server appliances running standard microprocessors. These appliances are managed directly by HSM users and deployed on their premises.

Also Read: Intel’s Lunar Lake Processors: Arriving Q3 2024

LiquidSecurity HSMs, by contrast, are PCIe-based devices powered by OCTEON® DPUs and designed for use in dense multi-tenant cloud environments. Six of the ten largest cloud service providers use LiquidSecurity in their operations. A single LiquidSecurity2 card can manage 100,000 pairs of encryption keys and process more than one million operations per second. As a result, cloud service providers can deliver HSM services while consuming a fraction of the power, rack space and hardware required by traditional HSMs. Meanwhile, HSM users can switch from the complexity of managing hardware to the ease of subscribing to HSM services. The cloud-based model for HSMs also reduces barriers to employing HSM and encryption services for secure medical records and other transactions.

Revenue from cloud-based HSMs is expected to grow from under 15% today to over 40% by 2028, according to ABI Research.

“Marvell is uniquely positioned to take advantage of cloud-based HSM demand in the market, and remains an industry leader in the space,” said Michela Menting, senior analyst at ABI Research. “FIPS 140-3 represents the latest milestone toward a more diverse and larger market for HSM services.”

“Marvell has been leading the effort to transform HSMs into cloud-based devices since 2015,” said Will Chu, senior vice president and general manager of Custom Compute and Storage at Marvell. “Microsoft has shared in this vision of modernizing the HSM market and we are thrilled to continue working side by side with Microsoft to help Azure customers benefit from the latest security standards for the most demanding applications deployed at cloud scale.”

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]

Related posts

CTSI Acquires Enterprise Security Solutions

UPSTACK Hires Meghan Hambacher Wilkinson as Senior Vice President of Customer Experience

Intel Editorial: PCs are Central to Delivering on Our Purpose

CIO Influence News Desk