Backup and Restore your Luna HSMs Across Hybrid Cloud and On-premises Environments

Securing, storing and managing encryption keys and digital identities in a high assurance can be critical.  Maintaining keys in hardware throughout their life-cycle is a best practice mandated by system security auditors and certification bodies responsible for attesting to the security status of cryptographic systems. The Thales Luna Backup HSM ensures your sensitive cryptographic material remains strongly protected in FIPS 140-2 Level 3 hardware even when not being used.

New DPoD Luna HSM Backup Service

Thales Luna HSMs now provide you with the flexibility to securely backup and restore HSM key material in the environment of choice. A single client supports both Luna HSMs and Luna Cloud HSM from Data Protection on Demand (DPoD), providing a seamless integration between the two and allowing the flow of keys from on-premises to cloud and cloud to on-premises in a purpose built-hybrid solution.

Automatic key replication is enabled for backup between Luna Cloud HSM and Luna HSMs on-premises (including Luna Backup HSM) and also for Azure, IBM and AWS dedicated Luna HSMs. Password-based HSMs are supported today with PED support planned for Q3 2020. The solution is ideal for customers who are increasingly needing to maintain control of keys across multiple cloud and non-cloud environments.


The new DPoD Luna HSM Backup service is simple to deploy, seamlessly integrates with Luna HSM appliances and offers a 99.95% SLA. You can than easily backup and duplicate keys securely for safekeeping in case of emergency, failure or disaster.

High Availability

Customers can also use the Thales on premise Luna HSM and the Luna Cloud HSM (DPoD) in creating High-Availability zones between the two. For example if for one reason or another the on premise HSM appliances become unavailable customers can automatically failover into the DPoD service and utilize the Cloud HSM capability.


For more information on this subject >>> Contact us