[deepsun]

But if that HSM module or machine suddenly dies, the system would lose all the customer's files. Not good.

[awesomeMilou]

If I understand it correctly, the HSM on the HDD dying is about as likely as a HDD PCB failure. Of course in these scenarios you can't just swap the PCB's to recover the data, but in an Enterprise setting you would have mitigated this anyways, by using a form of redundant storage. If you rely on just one drive for your data's continued existence, you're doomed anyways.

[0] https://wiki.archlinux.org/title/Self-encrypting_drives

[Damogran6]

That's when you fall back to your backup processes....you HAVE backup processes, don't you? (They're resilient against ransomware, aren't they?)

[deepsun]

But parent said to "nuke" the encryption key. :shrug:

[Damogran6]

I'm the parent. Take the key that decrypts the disk...overwite/dealloc/zero/forget the key...the disk is ready for it's next mission.