Where did my HSMs go?

It doesn’t seem that long ago that HSM security was an inbuilt part of most card payment applications. The Atalla HSM (Host Security Module) has been a part on the HPE NonStop world since, well, Tandem’s very early days. Card Payments applications and most systems actually need these HSM units to secure information, encrypt Card PINS, tokenise card numbers, protect key card data, as well as protect the very Master Keys that hold the keys to the card kingdom. But the world of security was turned upside down with the arrival of the Internet.

Security and encryption are a key part of virtually every computer component that you are familiar with. Even your motor car now is just a data centre with 4 rubber tyres on the side – that needs security protection. If you enjoy the benefits of a smart home, controlling your heating or lights from your mobile, then you need security for that too.

There is virtually no aspect of modern life that can function without it. And the security needs to keep on improving, because we all read in the papers of a new data loss virtually every week. The UK’s EuroStar cross-channel train-service from London to Paris and Brussels had to reset its user passwords this week. Whoops!

In the midst of all this, my eye was caught by the movement of Atalla HSM business, which was initially spun off from HPE to Microfocus, and is now again being spun off to Utimaco of Germany. No, I’d never heard of them either. Utimaco will gain a foothold into the payments market through this acquisition where until now they have had little presence. Data loss prevention, keeping user data secure are now the number one concern for companies the world over. Whether in the cloud or on-prem companies are upping their game in an effort to stay one step ahead of the Fraudsters. Security Providers now offer both On-prem and Cloud-based solutions, with the real growth being in the cloud.

Security departments in organisations lead by CISOs are now bigger and more prominent than the payments group. It’s no longer enough just to tag on an HSM box to the application system. Security is now at the heart of everything companies do to ensure they do not become the target of the next hacking scandal.

Security now is virtually everything.

Craig Lawrance
Business Development at Starkspur &
VP EMEA OmniPayments
[Reposted following posting to the Starkspur blog on November 1, 2018]