Primary and secondary data encryption keys
The Virtual Storage Platform G200, G400, G600, G800, Virtual Storage Platform F400, F600, F800, and Virtual Storage Platform G1000 automatically create a primary backup of each data encryption key and store this backup on each MP package. The Encryption License Key feature enables you to create secondary backups of the data encryption keys for the Virtual Storage Platform G1000. If the primary backup key is unavailable, the secondary backup is required to restore the key.
If the primary backup key becomes unavailable and no secondary backup key exists, the system cannot decrypt the encrypted data.
It is strongly recommended that you back up each key or group of keys immediately after you create them and schedule regular weekly backups of all keys to ensure data availability. You are responsible for storing the secondary backup keys securely.
It is also recommended that you back up each key after you perform any of the following operations:
Creating encryption license keys
Adding, removing, or replacing drives
Adding, removing, or replacing disk adapters for VSP G400, G600, G800 or VSP F400, F600, F800
Replacing controllers for VSP G200
Updating CEK keys
Updating KEK keys
The creation and secure storage of secondary backup encryption keys must be included as part of your corporate security policy.
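The backup guidance above can be checked against your own change and backup records. The following is an added example, not part of the product or its documentation: the operation labels, record layout, and sample dates are assumptions constructed for illustration.

```python
from bisect import bisect_left
from datetime import datetime, timedelta

# Hypothetical labels for the operations the page lists; not product event names.
TRIGGER_OPS = {
    "create_encryption_license_key", "drive_change", "disk_adapter_change",
    "controller_replace", "update_cek", "update_kek",
}
WEEKLY = timedelta(days=7)  # the page's "regular weekly backups"

def audit_key_backups(events, backups, now):
    """Return findings where the secondary-backup record misses the guidance.

    events  -- iterable of (datetime, operation_label)
    backups -- iterable of datetimes at which a secondary backup was taken
    """
    backups = sorted(backups)
    findings = []
    if not backups:
        findings.append(("no_secondary_backup", None, now))
    # A key-changing operation with no backup at or after it is not covered
    # by any secondary backup.
    for when, op in sorted(events):
        if op in TRIGGER_OPS and bisect_left(backups, when) == len(backups):
            findings.append(("uncovered_operation", op, when))
    # Any interval longer than a week between backups (or since the last one).
    checkpoints = backups + [now]
    for prev, nxt in zip(checkpoints, checkpoints[1:]):
        if nxt - prev > WEEKLY:
            findings.append(("weekly_gap", prev, nxt))
    return findings

# Constructed sample data, not taken from any real system.
SAMPLE_NOW = datetime(2024, 3, 22)
SAMPLE_BACKUPS = [datetime(2024, 3, 1, 9), datetime(2024, 3, 8, 9),
                  datetime(2024, 3, 19, 9)]
SAMPLE_EVENTS = [
    (datetime(2024, 3, 5, 14), "drive_change"),   # covered by the 8 March backup
    (datetime(2024, 3, 6, 11), "user_login"),     # not a trigger operation
    (datetime(2024, 3, 20, 10), "update_kek"),    # nothing taken afterwards
]

if __name__ == "__main__":
    for finding in audit_key_backups(SAMPLE_EVENTS, SAMPLE_BACKUPS, SAMPLE_NOW):
        print(finding)
```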