Online private key protection 101

Carl-Tashian.jpg

Carl Tashian

Follow Smallstep

In this video, I discuss various methods for storing and using private encryption keys in applications:

  • on-disk storage,
  • cloud key managers,
  • Trusted Platform Modules (TPMs) and Secure Enclaves,
  • and Hardware Security Modules (HSMs)

There are tradeoffs with each method: Ease of development, service dependencies, hardware isolation, and cost and compliance considerations. Some methods are geared more toward client or server applications.

Key protection is changing fast. How are you protecting your private keys? Are you looking to upgrade? Reach out to us, and we can discuss your needs. Our PKI experts are standing by.

Carl Tashian (Website, LinkedIn) is an engineer, writer, exec coach, and startup all-rounder. He's currently an Offroad Engineer at Smallstep. He co-founded and built the engineering team at Trove, and he wrote the code that opens your Zipcar. He lives in San Francisco with his wife Siobhan and he loves to play the modular synthesizer ๐ŸŽ›๏ธ๐ŸŽš๏ธ