The Quorum Feature is no longer in the test preview stage and is now available to all tenants.

New Features and Improvements:

• Disable and Re-Enable Quorum Policies -> Tenant Admins can now disable and re-enable quorum policies directly from the Management Console without contacting Thales Support. Disabling a policy requires quorum approval at the defined threshold, and any pending or approved quorum requests under the disabled policy are automatically canceled. Re-enabling a policy takes effect immediately and does not require quorum approval.
• Quorum Approval and Revocation Notifications -> All users in the tenant now receive email notifications when a quorum is approved or revoked.
• Quorum Policy Audit Logging -> All policy enable/disable actions, quorum approvals, rejections, and automatic cancelations are now logged with complete user and timestamp details.
• Policy Change History -> A complete history of enable/disable changes and parameter modifications is now maintained for each quorum policy.
• Email Notifications for Policy Changes -> Email notifications are sent for disable requests, approver votes, quorum achievement, and quorum cancelations due to policy disablement.
• Audit Logs for Deleted Services -> The Audit Logs page now lets you filter and view results for both active and deleted services. 
• Quorum Action Logs -> Audit logs now capture quorum-related actions linked to services for a complete audit trail.
  
  For further details please see the Quorum Policies page.

• Return active Service Instances -> New optional query parameter `includeDeleted` (boolean, default `false`). When set to `true`, the response includes deleted service instances with a new `deleted_at` field. Existing integrations are unaffected. 
• Create an asynchronous job to export audit logs -> Now automatically includes logs for deleted services when the requesting user has appropriate permissions. 

Thales Data Protection on Demand  (DPoD) has introduced a new Quorum Policy feature as a tech preview.

Quorum is an authorization policy that requires approval from multiple stakeholders before critical operations (e.g., deleting a service instance) can proceed. This prevents accidental or malicious actions by enforcing multi-party consent.

During the tech preview, quorum policy can be enforced on service deletion operations.

For further details please see the Quorum Policies page.

You can now filter your audit query results by use cases and resources directly within the user interface to find security events more efficiently.

What changed: Added a filter bar with dropdown options for Status, Source, Resource ID, Actor ID, and Action to the audit results page. This enhancement allows you to isolate relevant data quickly to improve your ability to monitor and analyze system activity. 

Navigate to the Logs section in the DPoD Management Console to use the new filters.

For details on using the Audit Logs, see Audit Logs thalesdocs.com

Notification to users with accounts created before February 2025. You will need to reaccept the Terms of Service on your next login as part of the One Welcome Identity Provider migration. 

Please note that the terms themselves have not changed. 

This reacceptance is required to ensure a smooth transition and uninterrupted service access.

DPoD has introduced a new Passkey feature which includes an associated Profile page. DPoD users can now login via the "Login with a Passkey" option or by using the "Help" menu located on the Login page.

From the Profile page users have the ability to manage settings including registering multiple Passkeys and changing the password/MFA. The Profile page also includes a timeline view which displays the user activity.

For further details see the Passkey Feature page.

Resulting from recent upgrades in our back office systems users will notice the following changes in the Subscriptions table:

• New Subscription Numbers - All subscriptions are assigned a new identification number. The previously used subscription id will appear in parenthesis "()" in the number column.
• Term End Date Display- Prior to this change, the table would show a 12 month term start date as Jan 1 2025 and end date as Jan 1 2025. Going forward will show a 12 month term start date as Jan 1 2025 and end date as Dec 31 2025.
• New Overage Line - Subscriptions with an overage usage component now include a separate line item for overage.

The Luna Cloud HSM client bundle is updated to include the 10.9.0 Universal Client. Users are encouraged to upgrade to this latest client version and ensure it is supported in accordance with the Universal Client Supported Versions with Luna Cloud HSM table.

See Upgrade Client for more information about upgrading your client.

Bugs fixed 

Resolved an Invalid memory access issue when running on a Windows Cloud Plugin. 

Fixed Issue: Resolved a problem that prevented some users from viewing  Luna Cloud HSM snapshots. This fix enhances the user experience and ensures that all snapshots are accessible as intended.

As part of our ongoing infrastructure improvements, the One Welcome Identity Platform, which is used for authenticating users and Luna Clients, will be transitioning to use a new Certificate Authority (CA) in the upcoming weeks. The exact timing for this change will be posted in a maintenance window on the DPoD status page.

This change will be largely transparent to the majority of users. However, we would like to draw particular attention to users of the Luna Cloud HSM service. It is imperative to ensure that the Certificate Revocation List (CRL) distribution points for the Globalsign CA (http://crl.globalsign.com/) are accessible to your client to maintain uninterrupted service.

For a detailed overview of the network requirements for the Luna Cloud HSM service, please refer to the Client Network Connectivity documentation available on thalesdocs.com

Should you have any questions or require further clarification regarding this change, please do not hesitate to contact our support team.

The new Luna Cloud HSM Snapshot feature is now available to all users. Service snapshots allow Luna Cloud HSM users to restore their service partition to a previous snapshot to recover from zeroization or accidental deletion of keys. A snapshot is a complete capture of the state of the partition that includes all partition objects, (e.g keys and certificates), as well as the current state of credentials for partition users. 

Luna Cloud HSM Service snapshots are introduced with the following supported items:

• Snapshots in the Management UI: 
  • You can now create, view and manage service snapshots directly through the UI (User Interface).
• Daily Automatic Snapshots:
  • Snapshots automatically created every day.
  • Retained for 7 days.
• User-Generated Snapshots:
  • Create up to 3 snapshots per partition.
  • Each user-generated snapshot is retained for 3 months.
• Audit Log Integration:
  • All snapshot events are recorded in the Audit Log for full traceability.

See Service Snapshots for creating, deleting and restoring information.