Trustis supplies, implements and manages large numbers of Hardware Security Modules (HSMs), the majority of these being Thales or SafeNet products. We also design and deploy key management solutions for enterprise and cloud service providers.


On-demand, bespoke management of HSMs and Key Management Systems

Many customers buying HSMs or encryption solutions, or struggling with the expanding use of encryption, need help with technology choice, implementation, hosting, Key Management Policy and the specialised management these solutions require.

We deal with the difficult aspects of managing HSMs and Key Management Systems, enabling you to consume the service as you wish.

Whether the solution is hosted in our Trust Service Centre or on your premises, we can manage it for you.

As with all Trustis managed services, CaaS can be customised to suit your unique requirements to ensure that your business needs are met cost-effectively.


Keys under your control for your cloud applications &
Bring Your Own Key (BYOK) for RMS keys

Do you want to control your encryption keys outside of Azure? You may also want to integrate HSMs relied upon by applications in multiple cloud environments, have your key lifecycle managed and monitored or need a bespoke, industry-assured and audited process around managing your keys.

We offer you the choice of Managed HSMs located either at your own data centres or at our UK Trust Service Centres. This solution ensures that you have complete control over the lifecycle management of the keys that protect your data and applications, under a defined and audited process.

Trustis Managed HSMs for Azure provides SafeNet or Thales HSMs with the ability to cluster HSMs between Trustis and your own data centre. Additional key management policies and processes are available with options for monitoring and backup of keys.

We can also provide support for Microsoft Bring Your Own Key (BYOK) for customers who want to use Azure RMS but wish to seed it with their own keys. This is used when a customer wants to utilise the Microsoft BYOK approach but does not want to purchase an HSM or create or manage the keys. Full key management and backup can also be provided.