
Backups

Subscriber key data is synchronized automatically between the HSMs of the cluster, providing redundancy and data integrity. Because cryptographic key material is continuously mirrored across multiple HSMs within the cluster, the failure of a single HSM, or loss of its data, does not lead to loss of keys.

In addition, to safeguard against inadvertent deletion or loss of keys, key invalidation is enforced within partitions by default unless the client explicitly opts out. This setting prevents customers from accidentally erasing keys via the API and thereby reduces operational risk.

For our CloudHSM ECO, ECO CC and, where applicable, PLATINUM service packages, an automated backup of the HSMs located in our backup data center is performed daily via WebDAV. This ensures that all critical data is securely backed up on a regular basis. The backups are encrypted and can only be restored to the same HSM cluster. They are retained for a period of 10 days, providing a reliable and efficient way to recover data in the event of any issues or failures. This daily backup process is a key component of our comprehensive disaster recovery strategy, ensuring the integrity and availability of your cryptographic keys and sensitive information.

Furthermore, partition data of tenants can be restored upon request through our Support Portal. Restoration requests can be made within the retention period stated above and are processed at an additional cost, so that data can be retrieved promptly when needed.

It is important to underline that Securosys does not create other backups of HSM partition data, including key objects, outside the HSM cluster, except in certain circumstances necessitated by specific maintenance activities. In such cases, the backups are encrypted and stored on USB storage devices, so that they remain inaccessible to unauthorized parties. These encrypted backups are kept offline in a vault and are deleted after 180 days at the latest, in line with our data retention policy.

For added flexibility and control, subscribers have the option to perform backups of partition data outside the CloudHSM platform, either through the partition management interface or programmatically via the API. It is, however, the responsibility of the subscriber to implement appropriate security measures to protect such backups. Note that exporting keys via the API is only possible if the keys were explicitly designated as exportable at creation time and the partition security policy settings permit key export.