SvKMS with Microsoft Azure

Separate keys from encrypted data in Azure and integrate Key Vault with HSMs

Microsoft Azure

Leverage BYOK to manage Azure encryption keys

Microsoft’s Azure cloud storage is a popular cloud storage platform, providing scalable, durable, and highly available storage, and the storage foundation for Azure Virtual Machines.

StorMagic SvKMS can be used with Microsoft Azure in two separate ways. Firstly, it can provide a third party key management service (KMS) for encrypted data in Azure, and also as an interface between Azure Key Vault Managed HSM and external HSMs, greatly increasing the flexibility and capability of Key Vault.

Integrating SvKMS with Azure

As a third party KMS for encrypted data

StorMagic SvKMS is fully integrated with Microsoft Azure via their client-side encryption using the concept of Bring Your Own Key (BYOK).

Separating the management of encryption keys out of Azure enables organizations to retain full control of their keys and meet generally accepted best practices for encryption key management regarding the separation of lock and key. SvKMS allows Azure users to create and manage their own keys separately, and then integrate them with encrypted data and applications held within the Azure cloud.

In order to integrate StorMagic SvKMS with Microsoft Azure, Microsoft’s Java SDK is utilized. For a full integration guide between SvKMS and Azure, please complete the form below.

As an interface for Azure Key Vault Managed HSM

StorMagic SvKMS can also be used as an interface between Azure Key Vault Managed HSM and third party HSMs (hardware security modules). The process of importing keys from on-premises HSMs to Azure Key Vault HSMs is a type of BYOK. Key Vault has supported BYOK since 2015.

Azure customers can use SvKMS as the interface to any supported on-premises HSMs to generate keys and import them into Key Vault. The keys to be transferred never exist outside an HSM in plaintext form and during the import process, the key material is protected with a key held in HSMs in Azure Key Vault. Many customers prefer to use on-premises HSMs to generate keys to meet regulatory or compliance requirements.

Integrating SvKMS with Azure Key Vault allows SvKMS to act as an independent key management system (KMS) that integrates with third party HSMs. Furthermore, this method means SvKMS can be used for cloud-based apps that are only available to Key Vault, such as Office365, and as part of an organization’s wider enterprise key management framework.

SvKMS with Microsoft Azure

Microsoft Azure Integration Guide

Integrating StorMagic SvKMS with Microsoft Azure is a straightforward process, allowing organizations to reap the benefits and control provided by having encryption keys managed by a centralized, secure and separate key manager.

For the complete step-by-step integration guide for configuring Microsoft Azure and SvKMS, complete the form opposite.

By clicking download, you consent to allow StorMagic to store and process the personal information submitted and for StorMagic to contact you via telephone and email in relation to the content requested.
StorMagic is committed to protecting and respecting your privacy, and we’ll only use your personal information to provide the products and services you requested from us. You may unsubscribe from StorMagic marketing communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Data Protection Policy.

More information on StorMagic SvKMS

StorMagic SvKMS encryption key management goes much further than just providing simple KMIP or BYOK integration with leading encryption workloads. SvKMS enables organizations to manage all of their encryption keys, wherever they are located, within a secure, flexible management interface. Enterprise-grade features enable the management of the entire key lifecycle, from key creation to key destruction, and all at a surprisingly low cost.