Protect Your Critical Keys and Data in the Cloud

Microsoft Azure Key Vault safeguards the critical cryptographic keys used in the cloud to keep your data secured. Used with Microsoft Azure Information Protection (AIP), the data exchanged within your collaborative work environment is protected by embedding enforceable security policies right on the data assets, regardless of the data type.

Deployed around the world in Azure data centers, nCipher nShield hardware security modules (HSMs) safeguard and manage your keys in the cloud. To give you greater control, nCipher enables you to create, hold, and transfer your own keys for use with Azure Key Vault in the cloud or on your own premises.

Cloud Based: Microsoft AIP with Bring Your Own Key (BYOK)

When using AIP, you don’t have to give up control of the key securing your data in the cloud. AIP uses nCipher HSMs in such a way that you can ensure that your keys are always under your control and never visible to Microsoft.

Learn More
Home Image 1

On Premises: Microsoft AIP with Hold Your Own Key (HYOK)

While most content can be served by securely stored keys in Azure, some sensitive content can never be shared or transmitted outside your own security perimeter. The security for this sensitive content needs to be on-premises only, with very limited access and sharing.
To manage your most sensitive data within your own security perimeter, AIP offers the HYOK option that is enabled by an on-premises component, with key management provided through a nCipher hardware security module (HSM).

Learn More
Home Image 2