Azure Key Vault Managed Hardware Security Module (HSM) has launched external key management in public preview. This feature allows customers to store their encryption keys outside Azure datacenters, addressing regulatory compliance needs for further sovereignty over key management.
Azure Key Vault Managed HSM has introduced external key management in public preview, enabling organizations to keep their encryption keys outside Azure datacenters. This addresses the needs of customers with stringent regulatory requirements regarding key management sovereignty.
Managed HSM offers strong sovereignty, generating and storing keys in a dedicated, single-tenant FIPS 140-3 Level 3 HSM. Microsoft has no access to the key material, ensuring complete customer control over who can utilize each key.
The Managed HSM service includes a cryptographic isolation environment, multiperson control requiring a quorum of RSA key pairs, and local role-based access control. Customers also benefit from key attestation that verifies key generation within the secure HSM environment.
The introduction of external key management is significant for organizations with strict compliance needs, as it provides additional infrastructure choice while maintaining secure key operations. This aligns with the trend of increasing demand for transparency and control in cloud services.
β¨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β check the original sources. How BrevFeed works β
Azure Key Vault Managed Hardware Security Module (HSM) has launched external key management in public preview. This feature allows customers to store their encryption keys outside Azure datacenters, addressing regulatory compliance needs for further sovereignty over key management.