Enterprises have significant challenges in controlling and maintaining the safety of their keys and passwords that protect their data in the cloud. They make use of on-premises Hardware Security Module (HSM) appliances, which are costly and difficult to manage. Microsoft is introducing Azure Key Vault which is exactly focused on solving the problems around managing HSM. Azure Key Vault can be configured in few mins, without the need to deploy, wait for, or manage an HSM and has a single programming model across HSM-protected and software-protected keys. This makes it easier and more economical for customers to encrypt sensitive data, sign certificates, and safeguard secrets in the cloud.
With Key Vault, we are providing customers with:
- Enhanced data protection and compliance – Protect cryptographic keys and sensitive data like passwords with asymmetric keys in Hardware Security Modules (HSMs) with FIPS 140-2 level 2 and Common Criteria EAL4+ certification.
- All the control, none of the work – Provision new vaults and keys in minutes and centrally manage keys, sensitive data, and policies. You maintain control over your encrypted data—simply grant permission for your own and third party applications to use keys as needed. The service offers a unified programming model across key types, so it is easy to enable developers to develop and test with software-protected keys and migrate seamlessly to production with HSM-protected keys without any code changes.
- Achieve scale and boost performance – Improve performance of cloud applications by storing cryptographic keys in the cloud. Key Vault scales with the demand of your cloud application without compromising on security. It offers HSM-protected key management that is truly ready for cloud-scale applications.
Key Vault Preview is available in East US, North Central US, North Europe, West Europe, East Asia, and Southeast Asia.
Read more about it here.