skip to Main Content

Managed HSM Available in Azure Key Vault

Released to general availability in Azure SQL Database and Managed Instance is the ability to use an RSA key stored in Azure Key Vault Managed HSM, for customer-managed Transparent Data Encryption Bring Your Own Key (TDE BYOK).

This is added on top of the existing option of using Azure Key Vault. Together this provides flexibility for storing encryption keys and protecting the most confidential workloads.

This means that those sensitive workloads requiring higher security can now be safely brought into Azure while maintaining single-tenant, isolation, local RBAC, FIPS 140-2 Level 3 compliancy and throughput for key management.

Managed HSM

Azure Key Vault Managed HSM is a fully managed, highly available, single-tenant, standards-compliant cloud service that enables you to safeguard cryptographic keys for your cloud applications, using FIPS 140-2 Level 3 validated HSMs (Hardware Security Modules). Source: Microsoft documentation.

Azure Managed HSM Overview – Azure Managed HSM

Post Terms: Azure Key Vault | Managed HSM

About the Author

Marketing Manager, Leah Monterroso, has been writing blogs and articles for the last six years. Since working with Ballard Chalmers, she has immersed herself in Microsoft tech news and bringing value to clients and the wider community through content.

You can find Leah online at:

Back To Top
Contact us for a chat