Thales Data Protection on Demand (DPoD) now offers Luna Cloud HSM customers the ability to have their partition restored to a previous snapshot. The partition snapshot is a complete capture of the state of the partition that includes any objects, keys, certificates, etc., as well as the current state of credentials for initialized users on the partition (Security Officer, Crypto Officer, Crypto User).
Use cases for restoring partition snapshots include:
- Zeroized partition as a result of too many incorrect logins
- An invalid object created on the partition renders it inoperable
- Accidental key deletion
- User credentials were rotated and the new credentials were not captured properly
Partition snapshots are taken daily and kept for a period of 7 days. After the 7 days. the snapshot is destroyed. This creates a rolling 7-day window from which partitions can be restored.
To restore a partition, the tenant admin needs to complete the Partition Snapshot Restoration Request Form and submit a request to Thales Support to perform the restoration. Partition rollbacks can take up to 48 hours to complete.
Partition snapshot restoration is available free of charge for all DPoD customers.