RSA Key Recovery Manager securely archives and recovers encryption keys of users to reduce the risk of data loss in the event an encryption key is lost, misplaced, or corrupted. RSA Key Recovery Manager is offered as an optional package as part of the RSA Certificate Manager solution.

RSA Key Recovery Manager features a hardware-based key generation process handled through a Hardware Security Module (HSM), offering a more secure key generation technique than software-based generation. HSMs provide secure management of private keys in that the keys never leave the module unencrypted; they are in dedicated hardware while in use and encrypted with triple DES (Digital Encryption Standard) when idle. The use of an integrated HSM enables RSA Key Recovery Manager to deliver the highest standard for security and data integrity while providing key recovery services.

RSA Key Recovery Manager also helps organizations address various storage requirements based on their varying regulatory needs and is completely configurable to meet different storage period requirements. Private encryption keys are kept strongly encrypted in secure storage on the hardware security module so that even compromises to the server's operating system will not jeopardize the security of the key database.