Secret Server can be configured to use a SafeNet HSM, or paired HSMs, for failover during installation.
The HSM is a hardware device that handles the encryption/decryption in hardware. As the encryption keys are stored within the hardware device itself, and never leave the device, use of a HSM increases the security of the encrypted data.
SafeNet HSMs are FIPS 140-2 certified and are typically used by government and military customers.
Secret Server does not require an HSM in order to function but it’s available as an option for environments that require the highest level of security. If you want to deploy Secret Server with a SafeNet HSM please notify your Account Manager so they can provide pricing for the HSM hardware.