Public clouds often offer HSMs for applications hosted within that cloud. However, this HSM may be shared with other tenants. Also, they may make if difficult or impossible to move keys to another cloud should your organisation what to change providers. This can tie down your portability and make it very expensive to move between clouds as new cryptographic keys provided by the new cloud provider would need to be retrofitted into the already existing application architecture.
nShield as a Service offers a cloud-based HSM solution independent to the public clouds. Offering the tools for generating, accessing and protecting cryptographic key material using FIPS 140-2-certified nShield Connect HSMs. And each physical HSM is dedicated to one tenant, so no-one else has access to the box with your keys. This cloud-hosted model gives organizations the option to either supplement or replace HSMs in their data centres while retaining the same security and benefits as owning the appliances. nShield as a Service is cloud compatible with difference clouds and your local database, increasing an organisations portability and enabling multi-cloud environments.
Using nCipher nShield as a Service: https://youtu.be/zL80SOsNDu0
nShield information: https://go.ncipher.com/rs/104-QOX-775/images/nShield-as-a-service-ds.pdf?_ga=2.183734246.1525907818.1579111833-1425977712.1561458562&_gac=1.249169459.1579113115.EAIaIQobChMIwYeE356G5wIVR7TtCh3yLAXwEAAYASAAEgKfg_D_BwE