Show HN: VaultOne, a password and access management for companies. Thoughts?

[mtmail]

"A hardware security module, or HSM, is the only appropriate place to store privileged credentials,"

"We provide you with an exclusive hardware container, your private data is never stored together with other customers’ data."

When I read hardware I assumed it's a physical device I have to install. What you provide is still software isn't it?

[lcooper]

Yes, it's software on the cloud, you don't have to install anything. Nevertheless, your passwords and keys are stored in a HSM on the cloud. Thanks.

[Cryptohacker]

"Let your users connect to your IT infrastructure without knowing the password or key used to access the server."

How does that work?

[lcooper]

We have a component called 'Connector', which acts as a proxy between the user and the server, this component handles the authentication part of the RDP and SSH protocols.

The whole process is transparent for the user, the user clicks to connect to a server and 'magically' the authenticated session is on the user's browser window.

[mistermatt]

I would say, if it's not open source it could be a no-go for some people/companies

[lcooper]

This is a good point. We ourselves use and contribute to many open source software and we are constantly debating if we could open source at leat part of the stack.

The problem is that some parts of VaultOne may be patented in the near future to protect our IP, in the interest of investors.

For large contracts we already make the code available for review under a NDA.

[gdallo]

How HSM works?

[lcooper]

We use the HSM to store sensitive data.

[gdallo]

What is HSM, how it works?

[lcooper]

HSM stands for Hardware Security Module, which is a physical appliance that safeguards cryptographic keys.