secure manner. After all, it’s just as important as your primary key file!

               Hardware security modules (HSMs) also provide an effective way to
               manage encryption keys. These hardware devices store and manage

               encryption keys in a secure manner that prevents humans from ever
               needing to work directly with the keys. HSMs range in scope and
               complexity from very simple devices, such as the YubiKey, that store
               encrypted keys on a USB drive for personal use to more complex
               enterprise products that reside in a data center. Cloud providers, such

               as Amazon and Microsoft, also offer cloud-based HSMs that provide
               secure key management for IaaS services.