We wanted to tokenize the PCI data stored in the database. We are using Azure Key Vault to store the keys for the data tokenization. We store secret keys and drive encryption keys in Azure Key Vault.
The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
We wanted to tokenize the PCI data stored in the database. We are using Azure Key Vault to store the keys for the data tokenization. We store secret keys and drive encryption keys in Azure Key Vault.
We require customer-managed keys or Bring Your Own Key (BYOK) for certain things. With Azure Key Vault, we can generate our own keys and then import them inside the system, which provides a higher level of security than provider-managed keys.
As of today, there is limited support for third-party vendors. You are forced to work with the vendors that Azure approves. Only a few and not all third-party vendors are supported on Azure Key Vault. It would be great if Azure allowed more third-party vendors into the ecosystem.
Currently, the solution's pricing is based on the number of transactions, which is very high in some cases. The solution's pricing could also be reduced.
Currently, dedicated Azure Key Vaults are not available in the UAE region. We are using a shared solution with other customers. There is a great need for certain customers who want dedicated hardware-based or physically segregated Azure Key Vault.
I have been using Azure Key Vault for more than 1 year.
Azure Key Vault is a very stable solution.
The solution has very good scalability. More than 15 users use the solution in our organization.
I rate Azure Key Vault a nine out of ten for scalability.
The solution's technical support is not that good. Whenever we identify a particular issue and raise it as a Key Vault issue, the calls keep bouncing between people. Since Microsoft has a different subject matter expert for everything, we face a lot of issues trying to find the right person. For example, if we have an issue with drive encryption, they will get us an Intune expert. It's hard to reach the right people.
Most of the time, the people who call quickly are unaware of the product and are mostly gathering information. We get a lot of calls from people who keep asking the same questions regarding our version and software. So, it takes quite some time to get to the expert.
I previously worked with Thales. Thales is a completely hardware-based solution, and its installation and configuration are way more complicated than Azure Key Vault. Since Azure Key Vault is a SaaS solution, installing and deploying it is much easier.
The solution's setup process is simple if you're using native technology. However, it's a little complicated if you're using third-party applications or software.
Azure Key Vault is a very, very expensive solution. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases.
Azure Key Vault provides a very good interface wherein we can continuously change or recycle the keys seamlessly. This automatic mechanism is much better than the typical process of changing keys or certificates. The solution takes backups before the keys expire and informs us in advance when the keys will expire.
There is something called rainbow keys. I can generate certain read-only keys that even the administrator cannot delete. The access control is very granular. I can provide access control on certain keys so that only a specific person can access them. We have deployed Azure Key Vault on the cloud in our organization.
Azure Key Vault is the best solution for Microsoft users. If you use another cloud provider, you will have to find a solution that works across all of them.
Overall, I rate the solution a seven out of ten.
I use the solution in my company to install our digital certificates and deal with our organization's secret information.
The most valuable features of the solution stem from its ability to allow its users to simply install some digital certificates and some key-value pairs, which are useful for our organization.
If I consider how some people complain that a solution to store information should be available at a low cost, I would say that Azure Key Vault's price should be made cheaper.
I have been using Azure Key Vault for a couple of years.
It is a stable solution.
My company has never found any problems with the stability of the product. Stability-wise, I rate the solution a nine out of ten.
Azure Key Vault is considered a secondary tool in our company since we don't exclusively work on it. In general, Azure Key Vault or BitLocker are just supporting tools we use in our company for certain features such solutions provide. My company has not explored the aforementioned tools in-depth.
The users do not directly use the product since my company uses the applications in Azure Key Vault. My company uses Azure Key Vault in approximately five applications.
The solution's technical support is good. My company never had to contact the tool's support team since we don't use the product's advanced features. My company received support from Microsoft whenever we needed it.
The product's initial setup phase is straightforward. As I have more than twenty-five years of work experience, things have become easier with the tools you have used for so many years. For me, the tool's setup is easy and easy to use.
For the product's deployment phase, my company has different environments. In my company, we use certain products in various departments by using CI/CD pipelines on which we write the instructions to deploy the tools on a few particular servers.
The solution is deployed on the cloud.
The main benefit derived from using the product stems from the fact that it provides security to our company's digital assets.
The price of the product is okay for my company.
I did not evaluate other options against Azure Key Vault since I prefer to use Microsoft products since we use most of its technologies in our company.
I use the tool to manage application secrets by storing digital assets separately. My company puts the digital assets directly in the tool using the credentials.
Azure Key Vault plays a key role in encryption in certain projects or scenarios in our company. In our company, if we want to apply some algorithms to encrypt our data, we store such data in Azure Key Vault and pull it manually from the solution later to encrypt our organization's data.
My company doesn't exactly use the access policies in Azure Key Vault for managing permissions, but we do use it for the storage of our secret information. For managing our company's secrets, we use Azure Key Vault, but we don't use it for managing permissions as we use IdentityServer and other tools for such purposes.
Azure Key Vault can integrate very well with other Azure services.
Azure Key Vault is a good option since it is a secure and useful tool.
I rate the solution a nine out of ten.
