This is a work in progress and not a release. We're looking for volunteers. See Issues to know how to collaborate.

Hardware Encryption

tag: [Engineer/Developer, Security Specialist]

Hardware encryption, such as HSM, uses dedicated hardware to encrypt data, providing robust security. Utilizing a HSM is a fairly specialized thing, but consumers are for example often using TPM.

Best Practices

  1. Enable TPM when available on your computer to enhance the security of hardware-based encryption.
  2. Consider using self-encrypting drives (SEDs) for storage to ensure data is encrypted at the hardware level.
  3. If relevant for your use case, use HSMs to securely generate, store, and manage encryption keys.