Skip to main content
Man using a tablet in the dark

Secure authentication and encryption – that’s the power of PKI and HSMs

In today's data-driven world, companies rely on public key infrastructure (PKI) to secure data, empower e-commerce, and support the growth of the Internet of Things (IoT). While the digital world offers immense potential, it has its security challenges, including how identity and certificate encryption keys are generated, safeguarded, and managed.

Entrust nShield® hardware security modules (HSMs) are purpose-built to provide an uncompromising layer of security, shielding your cryptographic keys from unauthorized discovery. Creating a robust root of trust, Entrust HSMs enhance key generation, signing, and encryption, protecting and ensuring the integrity of your sensitive data and transactions.

nShield general purpose HSMs

nShield HSMs are certified, hardened, tamper-resistant devices that provide a secure environment for generating and protecting keys used for a variety of applications. Also available as-a-service, nShield HSMs are available in multiple form factors:

  • nShield Connect: Appliance serving multiple applications across a network. Also available as-a-service
  • nShield Solo: PCIe card serving applications on a single server
  • nShield Edge: USB-attached desktop device for lower-volume transactions
  • nShield as a Service: Subscription-based access to cloud-based cryptographic services
  • nShield HSMi: certified hardware delivering cryptographic services for Entrust secure issuance software

nShield HSMs are certified to FIPS 140-2 Level 2 and Level 3.

The benefits of using an HSM

Award logo
Regulatory compliance

HSMs help ensure compliance with industry mandates including FIPS, Common Criteria, GDPR, HIPAA, and PCI DSS, safeguarding sensitive data.

key icon white
Secure, policy-controlled access

Role-based control allows policies to be set for each key container. Admin quorum is required for smart card and PIN access to unlock HSM-stored keys.

Greater control

Use your own nShield® HSMs within your environment to securely create and export keys to the cloud.

shield icon white
Stronger security

Stronger key generation through nShield’s FIPS-certified hardware, secured by a high-entropy random number generator.

Ponemon 2022 PKI and IoT Trends Study

Download the latest study, conducted by Ponemon Institute and sponsored by Entrust, revealing insights from over 2,500 IT professionals worldwide. This study, encompassing roles from CISOs and CIOs to IT security managers, covers PKI practices, applications, and challenges. The results highlight consistent challenges in PKI deployment and management: lack of clear ownership, inadequate resources, and skill gaps.

Report thumbnail

Related Resources


Discover effective PKI and certificate key management with certified HSMs. Download the white paper from Enterprise Strategy Group “How an HSM Provides a Secure Foundation for PKI and Data Security."

Entrust Enters Exclusive Discussions to Acquire Onfido