← All stories
● Covered by 1 source Β· 1 reportMedium impact

Azure Managed HSM introduces external key management in public preview

Aggregated by BrevFeed cloud Β· updated 1h ago
πŸ”– Save

Azure Key Vault Managed Hardware Security Module (HSM) has launched external key management in public preview. This feature allows customers to store their encryption keys outside Azure datacenters, addressing regulatory compliance needs for further sovereignty over key management.

Key points

Introduction to External Key Management

Azure Key Vault Managed HSM has introduced external key management in public preview, enabling organizations to keep their encryption keys outside Azure datacenters. This addresses the needs of customers with stringent regulatory requirements regarding key management sovereignty.

Sovereignty and Control in Managed HSM

Managed HSM offers strong sovereignty, generating and storing keys in a dedicated, single-tenant FIPS 140-3 Level 3 HSM. Microsoft has no access to the key material, ensuring complete customer control over who can utilize each key.

Security Features of Managed HSM

The Managed HSM service includes a cryptographic isolation environment, multiperson control requiring a quorum of RSA key pairs, and local role-based access control. Customers also benefit from key attestation that verifies key generation within the secure HSM environment.

Impact on Organizations

The introduction of external key management is significant for organizations with strict compliance needs, as it provides additional infrastructure choice while maintaining secure key operations. This aligns with the trend of increasing demand for transparency and control in cloud services.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Reporting from

Azure Key Vault Managed Hardware Security Module (HSM) has launched external key management in public preview. This feature allows customers to store their encryption keys outside Azure datacenters, addressing regulatory compliance needs for further sovereignty over key management.