Security Guidance

Your nShield HSM protects the confidentiality and integrity of your Security World keys. However, as with all secure systems, administrators must remain diligent concerning the entities who are given access the system. All network traffic between KeySafe 5 and clients using the UI, the REST API, or both passes through a secure channel. This TLS based secure channel is set up using token-based client authentication.

Entrust recommends the following security-related actions:

  • Ensure that log levels are set appropriately for your environment.

    More verbose log levels might expose information that is useful for auditing users of KeySafe 5, but the log information also reveals which REST API operations were performed. While this log information might be useful for diagnostics, it could also be considered sensitive and should be suitably protected when stored.

  • Rotate the logs regularly. The log files could grow quickly if left unattended for a long time. The system administrator is responsible for log rotation.

  • Verify the integrity of the KeySafe 5 tar file before executing it. You can verify the integrity of this file with the published hash.

  • Suitably protect the network environment of KeySafe 5 to maintain its availability, for example using firewalls and intrusion detection and prevention systems.

  • Ensure that the KeySafe 5 platform’s system clock is set accurately and only authorized system administrators can modify it so that the platform correctly interprets certificate and token lifetimes.

  • Ensure that only authorized system administrators have access to the KeySafe 5 system, and only trusted software is run on the platform hosting KeySafe 5.

  • Take standard virus prevention and detection measures on the platform hosting KeySafe 5.

  • The system administrator should consider whether threats in the KeySafe 5 deployment environment would justify the encryption of the sensitive configuration data held in Kubernetes secrets, see Kubernetes documentation.