Entrust, a provider of trusted identities, payments, and data protection solutions announces the integration of its nShield hardware security modules (HSMs) with Microsoft Double Key Encryption. nShield HSMs support the new Microsoft service with robust cryptography, enabling organizations to extend control and security over their most sensitive data in Microsoft 365.
Double Key Encryption (DKE) for Microsoft 365 protects a company’s highly sensitive data using two component keys – one key that is in the customer’s control and a Microsoft key stored securely in Microsoft Azure. With this new integration, the customer’s key is generated and protected using a robust FIPS 140-2 Level 3 and Common Criteria EAL4+ certified nShield HSM and used to encrypt the organization’s sensitive data. The data is then encrypted again with a key provided by Microsoft.
Whether deployed on premises or as-a-service, Entrust nShield HSMs are among the highest-performing, most secure and easy-to-integrate HSM solutions available, facilitating regulatory compliance and delivering the highest levels of data and application security for enterprise, financial, and government organizations. The purpose-built hardware devices are designed to generate, safeguard and manage cryptographic keys on behalf of applications. The unique nShield Security World key management architecture enforces important separation of duties with dual-controls that segregate security functions from administrative responsibilities. The addition of certified Entrust nShield HSMs to Microsoft Double Key Encryption service accelerates cloud adoption and facilitates auditing and regulatory compliance.
As a Microsoft Gold Partner, Entrust nShield HSMs have helped companies maintain strong controls over their encryption keys for Microsoft applications for more than two decades including SQL Server, Active Directory Certificate Services as well as having pioneered with Microsoft Bring Your Own Key (BYOK) to Azure Key Vault and Microsoft 365.