Key Management in AWS: How Netflix Secures Sensitive Data Without Its Own Data Center

Bryan Payne
October 21, 2015

Netflix has embraced the cloud paradigm by moving its entire product into AWS. Fulfilling this vision meant finding a solution for every piece of our ecosystem in the cloud, including storage of our most sensitive cryptographic keys. We accomplished this using AWS CloudHSM, combined with a custom solution that handles cross-region key replication, failover, and more. This talk will discuss Netflix’s Cryptex service and how it balances security and agility in ways that bring HSM-level security into the toolkit of modern cloud application deployments.

This talk was given at JPL in October 2015.

Thanks to Jay Zarfoss for creating many of the slides!
