This blog post has been co-authored by May Chen, Product Manager, Azure Security.
The growing trend for running payment workloads in the cloud
Momentum is building as financial institutions move some or all their payment applications to the cloud. This entails a migration from the legacy on-premises applications and hardware security modules (HSM) to a cloud-based infrastructure that is not generally under their direct control. Often it means a subscription service rather than perpetual ownership of physical equipment and software. Corporate initiatives for efficiency and a scaled-down physical presence are the drivers for this. Conversely, with cloud-native organizations, the adoption of cloud-first without any on-premises presence is their fundamental business model. End-users of a cloud-based payment infrastructure expect reduced IT complexity, streamlined security compliance, and flexibility to scale their solution seamlessly as their business grows.
Cloud offers significant benefits. Yet, there are challenges when migrating a legacy on-premises payment application (involving payment HSM) to the cloud that must be addressed. Some of these are:
Shared responsibility and trust—what potential loss of control in some areas is acceptable?
Latency—how can an efficient, high-performance link between the application and HSM be achieved?
Performing everything remotely—what existing processes and procedures may need to be adapted?
Security certifications and audit compliance—how will current stringent requirements be fulfilled?
The Azure Payment HSM service addresses these challenges and delivers a compelling value proposition to the users of the service.