[OrvalWintermute]

Perhaps what is needed is different levels of security that can scale according to varying requirements.

off-prem vice on prem

cloud vs discrete

cloud vendor vs Evervault vs customer only HSMs

Speaking of my specific requirements for HSMs, am most interested in high security use-cases for which cloud, off-prem, are less of a match.

I do think there is value in using Nitro for some of the use-cases, because some HSMs have astonishingly low MTBF.

[arcurn]

Yep, I think that makes sense. Certain use cases will have a need for some kind of on-prem/HSM approach, less from a practical perspective but more from a "doomsday modelling" perspective. Reminds me of the "nobody ever got fired for buying IBM" adage :)