End of service and disposal
SafeNet (Thales Luna) HSMs and appliances are deployed into a wide variety of markets and environments. Arranging for the eventual disposal of a SafeNet HSM or HSM appliance that is no longer needed can be a simple accounting task and a call to your local computer recycling service, or it can be a complex and rigorous set of procedures intended to protect very sensitive information.
Needs Can Differ
Some users of SafeNet HSMs employ cryptographic keys and material that have a very short "shelf life". A relatively short time after the HSM is taken out of service, any objects that it contains are no longer relevant. The HSM could be disposed of, with no concern about any material that might remain in it.
The majority of our customers are concerned with their keys and objects that are stored on the HSM. It is important to them that those items never be exposed. The fact is that they are never exposed, but see below for explanations and actions that address the concerns of auditors who might be more accustomed to other ways of safeguarding HSM contents.
SafeNet HSM Protects Your Keys and Objects
The design philosophy of our SafeNet HSMs ensures that contents are safe from attackers. Unlike other HSM products on the market, SafeNet HSMs never store sensitive objects, like cryptographic keys, unencrypted. Therefore, SafeNet HSMs have no real need - other than perception or "optics" - to perform active erasure of HSM contents, in case of an attack or tamper event.
Instead, the basic state of a SafeNet (Thales Luna) HSM is that any stored keys and objects are strongly encrypted . They are decrypted only for current use, and only into volatile memory within the HSM.
If power is removed from the HSM, or if the current session closes, the temporarily-decrypted objects instantly evaporate. The encrypted originals remain, but they are unusable by anyone who does not have the correct HSM keys to decrypt them.