General Availability: Purview Customer Key Using Managed HSM


We are excited to announce the general availability of Purview Customer Key using Managed HSM.This new feature enhances your data security by allowing you to manage and control your own encryption keys using Azure Managed HSM. This release is the result of the efforts Microsoft 365 Data-At-Rest Encryption Engineering team.


With Customer Key using Managed HSM, you can: 

  • Achieve higher security: Managed HSM provides dedicated, FIPS 140-2 Level 3 validated hardware for key protection, offering enhanced security over standard Azure Key Vaults. 
  • Ensure compliance: Meet stringent regulatory and compliance requirements with the advanced security features of Managed HSM. 
  • Maintain control: Enjoy full control over your encryption keys, including key lifecycle management, within a highly secure, tamper-resistant environment. 
  • Enhance performance: Benefit from the high availability and scalability of Managed HSM for critical workloads. 


Purview Customer Key now supports three different options for key storage including Standard Azure Key Vault, Premium Azure Key Vault and Managed HSM. For more details about the differences between these options, see How to choose the right key management solution


Start leveraging the enhanced security and compliance benefits of Customer Key using Managed HSM today. For more information, visit Set Up Customer Key or learn more about Azure Key Vault and Managed HSM


With Gratitude, 

M365 Data-at-Rest Encryption 

0 Replies