High availability and disaster recovery
IBM Cloud® Hyper Protect Crypto Services is a highly available, regional service with automatic features that help keep your applications secure and operational.
Learn more about availability and disaster recovery strategies of Hyper Protect Crypto Services.
Locations, tenancy, and availability
You can create Hyper Protect Crypto Services resources in one of the supported IBM Cloud regions, which represent the geographic area where your Hyper Protect Crypto Services requests are handled and processed. Each IBM Cloud region contains multiple availability zones to meet local access, low latency, and security requirements for the region.
As you plan your encryption at rest strategy with IBM Cloud, keep in mind that provisioning Hyper Protect Crypto Services in a region that is nearest to you is more likely to result in faster, more reliable connections when you interact with the Hyper Protect Crypto Services APIs. Choose a specific region if the users, apps, or services that depend on a Hyper Protect Crypto Services resource are geographically concentrated. Users and services who are far away from the region might experience higher latency.
Your encryption keys are confined to the region that you created them in. Hyper Protect Crypto Services does not copy or export encryption keys to other regions.
In-region data redundancy and failover
Multiple crypto unitsA single unit that represents a hardware security module and the corresponding software stack that is dedicated to the hardware security module for cryptography. in a service instance are automatically synchronized and load balanced across multiple availability zones. If one available zone that contains your provisioned service instance cannot be accessed, Hyper Protect Crypto Services has automatic in-region data failover in place. The service follows IBM Cloud requirements for planning and recovering from disaster events. For more information, see Disaster recovery.
Cross-region disaster recovery
IBM also performs cross-region backup for your key resources. Your data is automatically backed up in another supported region daily. Depending on where you create your instance and your requirements for recovery time, you can restore your data in case of a regional disaster with the following options:
- If you create your instance in Dallas (
us-south
) or Washington DC (us-east
) and you enable failover crypto units, the failover crypto units back up the operational crypto units and keystores in another region. When a regional disaster occurs, your data is restored automatically with the failover crypto units to reduce the downtime and data loss. For more information about how to use failover crypto units to restore data, see Restoring your data by using failover crypto units. - If you don't enable failover crypto units, you can use the default daily backup to restore your data. In this case, you need to open a support ticket so that IBM can create a new service instance in another supported region to restore your data from the backup. Then, you need to manually load your master key to the new instance again to make it work. In this process, you're the only person who owns the master key. IBM administrators or any third-party users can't access your data or keys in the backup or the restored service instance. For more information about the recovery process, see Restoring your data by opening an IBM support ticket.