Gemalto has announced that Microsoft Azure Information Protection customers can now take advantage of the new “Hold Your Own Key” (HYOK) functionality using Gemalto’s SafeNet Luna Hardware Security Modules (HSMs). The integration allows organizations in highly regulated scenarios to manage, own and store their encryption keys in on-premises HSMs and securely share data with complete control over their keys. With this solution, enterprises can easily align data protection policies and business processes without compromising the integrity and security of their data.
The SafeNet Luna HSM enables HYOK functionality via native support for Microsoft’s Active Directory Rights Management Services (AD RMS). Companies have the option to use AD RMS protection policies for ‘top-secret’ data and Azure RMS protection policies for sensitive data. Enterprises can use the Azure Information Protection to enable secure internal and external collaboration. The SafeNet Luna HSM integration with the Azure Information Protection’s HYOK feature requires no change to the user experience or deployments. Customers control access to sensitive data by defining protection policies and use rights. All of the other information protection features, like document tracking and revocation, are preserved.
“Organizations using Microsoft Azure Information Protection services now have access to the convenient security features they’re used to, without having to hand over ownership and control of their encryption keys to their cloud provider,” said Todd Moore, SVP of Encryption Products at Gemalto. “Combining the SafeNet Luna HSM with the Azure Information Protection’s HYOK functionality, customers can continue to deploy customized data protection controls without compromising security or operational transparency of a user’s applications.”
Dan Plastina, Partner Director, Information and Threat Protection at Microsoft Corp. said, “Microsoft Azure Information Protection enables selective use of on-premises AD RMS services in a Hold-Your-Own-Key configuration (HYOK) for customers with deeply regulated data. Gemalto’s SafeNet Luna HSMs seamlessly integrate with this hybrid Azure Information Protection configuration providing customers the full spectrum of specialized protection they need.”
Gemalto’s SafeNet Luna HSMs are among the highest-performing, most secure and easiest-to-integrate HSM solutions available on the market today, facilitating regulatory compliance and delivering the highest data protection for enterprise, financial and government organizations. Unlike other methods of key storage, which move keys outside of the HSM into a “trusted layer,” SafeNet Luna HSMs store the keys in hardware to protect the entire key lifecycle.