I'm interested in how everyone is effectively managing encryption keys now that most users are working remotely. Specifically, if an organization is using an offline HSM but is considering going partially or entirely virtual, what are some of the cavaets and best practices with designing the architecture and choosing a KMS?
Additionally, and solution would need to be FIPS-140-2 compliant.
This is not an area where I have extensive knowledge so I am hoping some of you might be able to point me in the right direction. If my question is not clear enough, please let me know.