Hardware Security Module (HSM) data encryption with SafeNet

Besides the default encryption method, Password Manager Pro (PMP) provides support for SafeNet Luna PCIe HSM to give administrators the option to enable hardware data encryption for PMP.

SafeNet Hardware Security Module (HSM):

You can integrate PMP with the SafeNet Hardware Security Module that can handle all the encryption and decryption methods. In addition to this, SafeNet HSM can also store the encrypted key directly in its hardware module that is fitted to a computer or a network server.

PMP's integration with SafeNet Luna PCIe HSM allows you to use the HSM to encrypt your data as well as to store it within the device itself.

How SafeNet HSM works

How to configure SafeNet HSM for PMP

If you choose SafeNet HSM as your encryption method, you first need to configure the HSM device for your network requirements.

You can download the SafeNet installation guide for steps on that.

After the installation process is complete, use command prompt to choose a slot number and set a password for the HSM. Once the set up is done, this slot number and password will be used to switch encryption methods.

After testing the HSM connection, you may continue with the migration process.

How to migrate to the SafeNet HSM Encryption method.

You can follow the below steps to initiate the migration:

  • Stop the PMP service.
  • Open a command prompt and navigate to <PMP_SERVER_HOME>\bin directory.
  • Execute the following command:

For Windows
MigratePMPEncryptionToSafeNetHSMEncryption.bat

For Linux
sh MigratePMPEncryptionToSafeNetHSMEncryption.sh

This will bring up the following dialog box:

Here, enter the SafeNet HSM password and slot number in the dialog box and click on Migrate.

Restart the PMP service to complete the migration.

To check which method of encryption is currently applied to your data, go to the Admin tab in Password Manager Pro GUI and select 'Encryption and HSM' under Manage.

©2014, ZOHO Corp. All Rights Reserved.

Top