Azure Key Vault Reviews

We use Azure Key Vault to store secrets. 

The solution needs to improve its cost. 

I have been using the solution for five years. 

I rate Azure Key Vault's stability a ten out of ten. 

The product's scalability is perfect. My company has around 100-200 users for the solution. 

The tool's installation is straightforward. 

We did the solution's deployment in-house. 

I rate the tool a ten out of ten. 

We are working with a lot of our clients who use the solution to protect sensitive information and to store it in the key vault within their infrastructure.

The sensitivity of the data needed to be kept in a secure environment so that only people who had proper access would be authorized to access it.

We are using infrastructure as code. So any of the services which require sensitive data can directly use service principles, manage identities, and access key items and then retrieve information from the Key Vault.

Since we are partners of Microsoft, we don't implement it for ourselves. We implement it for our clients. For our clients, many were using on-premises solutions and had connectivity from on-premises to the cloud. With this solution, they get the same level of data protection (or more) on the cloud.

The features on offer are very good.

We are using Key Vault as an optical store for the sensitive data and then retrieve the data and use access policies. So access to policies is quite valuable for us based on the regulations and compliance requirements that we are working with.

There is advanced data protection available. We're working in a highly regulated environment, and this is essential to us.

Perforamnce-wise, it's very good. We haven't had any issues in the past three years. There are no errors or downtime. It's always been available to us.

Microsoft's Key Vault availability is around 99%.

A lot of new features have been added, and it has nice regional availability as well. 

It is stable and scales well.

Technical support has been fine overall. 

It's currently very self-sufficient and doesn't need improvements. It's already a good service. 

We haven't faced any problems with the solution as such. The only issue we are facing is around the comparability with TerraForm, which we use to code the infrastructure. Sometimes there are issues there, even though it's not directly related to Microsoft. 

So far, it's served all of the client's purposes. We haven't come across a use case the solution could not handle. 

There are additional charges for data transfers. However, the pricing is mostly reasonable for the licensing overall. 

I've used the solution for three or four years at this point. I've used it for a while. 

The solution is quite stable. There are no bugs or glitches, and it doesn't crash.

We have 60 different teams that deploy their own Key Vault. They are purely developers that make applications for users. Those users may be from anywhere and may use the application portals.

I'm not sure, behind the scenes, what Microsoft does. However, I've found it to be scalable across regions. If we wanted to use 100 Key Vaults, we could do so.

We do not have plans to increase usage at this time.

Technical support is pretty good. I haven't had any issues with them over the past three years. 

Neutral

The client has used other on-premises versions in the past. Many needed a cloud option, and we helped them move to Key Vault. 

The initial setup was straightforward. We do not deploy it as it is a SaaS. We simply configure it for clients. There are APIs available, and we use them within Key Vault to implement.

We require the business use case and strategy in order to implement the product. For example, if we are in energy or health care, we need to know what is the area that is sensitive and where they are being used. Then, once we have that, we can protect those items.

The only maintenance that is required is service access. For example, if we need to add authorized personnel, we would do that. 

We can handle the implementation for clients. 

The cost is quite cheap. There are no extra costs beyond the standard fees, beyond maybe data transfer charges. It's $0.025 per 10,000 data transactions, so it is quite cheap.

We are a partner of Microsoft.

We haven't exported or imported information in Key Vault.

This solution is worth the cost and is useful to use. 

It's a service that can be used in multiple regions in Azure. They are mostly deployed in UK South and UK West. It can be deployed and used in other regions as well; however, we have data constraints. 

I'd rate her solution eight out of ten overall. 

Potential new users should consider the types of sensitive information they want to store and how they want to retrieve the information, and from where. These are critical to understanding as they will govern the configuration of Key Vault.

You can deploy Key Vault both publicly and privately. For example, if you do it privately, you can ensure you will ensure it can only be accessed from within your environment, and that ensures a very high level of security.

We use the solution to authenticate security features for environments. Using it, we can encrypt keys and protect the databases from getting hacked.

The solution works as an effective tool for securing our organization's databases.

They should add a key vault feature for the databases temporarily integrated into hybrid clouds. Also, they should make the key accessible once the databases migrate to another environment.

We have been using the solution for seven years.

The solution's customer service is excellent.

Positive

The solution's initial setup process is moderately complex. It is a time-consuming process if you are new to the product. But, if you know source applications and target databases, it just takes a few hours. Whereas in the case of larger environments, it might take days to complete.

Our in-house team deploys the solution. It requires three executives to work on larger deployments. Also, it requires a huge team when there are multiple databases to work with. 

The solution is affordable compared to other competitors.

I advise others to use the solution if they already work with Microsoft Azure environment. In such cases, they should not prefer integration with a third-party tool. They should consider other products if the databases are distributed to on-cloud and on-premises infrastructures.

I rate the solution as an eight.

We are a financial institution and we are using this product to manage our keys. We are currently trying to roll out a "Bring Your Own Key" solution for Azure and Office 365.

The GUI was quite easy for me to use.

Integration with Fortanix is good.

The integration with Thales HSM is complex and is not out-of-the-box. Uploading the keys was quite a tedious process.

We are just beginners with the Microsoft Azure Key Vault and only started using it within the past six months.

We have approximately 150,000 employees across the organization.

Technical support from Microsoft is excellent. The reason we still buy Microsoft products is because of their support. The documentation is good and they also provide free, professional support.

The premium support is available at an additional cost, but professional support is free with the license.

Prior to Azure Key Vault, we were using the Bring Your Own Key solution, Thales Hardware Security Module (HSM). It worked seamlessly to generate our own key and upload it to the key vault. However, with Azure and Office 365, Microsoft manages the keys. I started using Azure Key Vault because it is an out-of-the-box feature with Azure, and it replaced our Thales HSM.

The installation of Thales HSM is a little bit complex. When we installed it, we needed to have two VDAs. There is an online VDA and an offline VDA, and we have to retrieve information from the offline one and pass it to the online one. These are complex tasks in our environment. Because it is a highly regulated industry, even moving a key is not easy for us. We have to go through all of the processes.

Because of the complications that we have had, we were looking at replacing Thales HSM with Fortanix. It integrates with Azure Key Vault and the key upload process is quite easy.

Pricing is quite reasonable and support is included, although premium support is available for an additional fee.

I am currently researching and evaluating HashiCorp Vault. We have not yet run a PoC but I am learning the differences between these two solutions. In addition to Azure, we have AWS and multiple cloud platforms, and we have heard that HashiCorp Vault is the best solution for cases like this.

HashiCorp Vault is open-source and has a command-line interface. 

One of the things that I would like to know is whether HashiCorp can be used for Azure workloads. For example, can it be used in a situation where a user brings their own key for Office 365, or does that only work with Azure Key Vault? 

Overall, this is a good product and the support is fantastic.

I would rate this solution an eight out of ten.

The primary use case is for storing secrets.

It has improved our organization. We have been able to secure our passwords and secrets. We didn't have to add an extra tool in addition to this solution.

The most valuable feature is the ability to store secrets securely and encrypt them. It is pretty easy and straightforward to use.

I would like more code examples.

Over six months.

It is a reliable solution.

I have had no problems with scalability.

We are deploying it on 10 client systems.

I haven't needed support for this application. However, when I need support from Microsoft, I get it immediately.

I went straight to this solution.

The initial setup was straightforward.

Including research and getting up to speed with the technology, the deployment took less than a week for the PoC. Deploying it all the way to production took about a month. It took a week to determine that it was the right tool. It took another three weeks to implement in all environments, like UAT production and test. We tried it on a dev environment first, then we implemented it over different stages, like QA, test, and production. 

We deploy the solution in just one location.

I did the deployment.

It is a good deal.

The pricing is decent. It has a pretty low price. It is a straightforward cost based on usage.

I just went straight to Azure Key Vault.

Follow the Microsoft official documentation for this solution. It is pretty straightforward and very well documented.

I would rate Azure Key Vault as nine out of 10.

Azure Key Vault is used for passwords. Instead of adding the password to everything, you can add them to Azure Key Vault and directly use it whenever required, in whichever place it's needed.

The solution's most valuable features are reusability and safety. You don't have to type everything every time or remember things. Regarding safety, you don't have to keep track of the passwords. You can directly access those particular things in one go and at one particular location. You don't have to worry about password protection because it is handled by Azure.

Azure Key Vault has a lot of glitches. The solution's trial version should provide some more facilities so that people can try them and then decide whether to implement the tool in their project.

I have been using Azure Key Vault for three months.

Azure Key Vault has a lot of glitches. We faced an outage yesterday because some of our flow executes on ADF, and it failed. We have to continuously raise tickets with the support team. The outages impact our daily jobs.

I rate the solution’s stability a seven out of ten.

Azure Key Vault's scalability is good because it's a cloud-based solution. It is far better than on-premises tools, which is a good thing.

The solution's technical support is fine. However, I am not happy with the kind of acknowledgment Azure provides. If you're making changes to the tool that will impact the end user, you should inform them beforehand.

Neutral

The solution’s initial setup is easy. Since Azure Key Vault is a cloud-based service, you don't have to install it.

With Azure Key Vault, you get everything in one portal and don't have to go anywhere else, which is a good thing.

The solution's access policy is important. You can directly provide the kind of access you want to grant to any particular user or batch of users rather than monitor which particular user should assign which particular task and what things can be seen by which particular user. Those kinds of restrictions can be added directly using the access policy.

You need to maintain the solution. If the credentials are getting expired, you have to provide an update on that. One person is more than enough to maintain the solution.

Overall, I rate the solution a seven out of ten.

We use Microsoft Azure Key Vault to store encrypted credentials.

One of the most valuable features of Microsoft Azure Key Vault is its ease of use.

Microsoft Azure Key Vault could improve by enhancing the security of credentials. Without the security or the use of key vaults, we would have to configure our credentials into the source code as plain text without the encryption or security.

I have been using Microsoft Azure Key Vault for approximately seven months.

I didn't explore scalability very much, I had limited configurations with Microsoft Azure Key Vault. In the future, if I need to add a few more properties I could do it within the scale.

I used the Microsoft support that they have online at MSDN. I found most of the requirements and answers to my questions needed.

I have not used other solutions previously.

The initial setup of Microsoft Azure Key Vault was easy. The time it took for the implementation was appropriately one hour.

The solution does not require maintenance, there is no maintenance team needed.

The solution is simple to use, but there are now many more wallets that are available in the market. I haven't explored other solutions. I would advise others to look at other solutions to have an overview of what features the others are providing before choosing.

I rate Microsoft Azure Key Vault a six out of ten.

Our primary use case for Azure Key Vault is cloud applications that are being developed and deployed on Azure. In addition, we use it to store secrets that are used for on-premises applications.

The best feature is the integrity of the .NET applications in our company.

The big problem with Azure Key Vault is key rotation. We haven't found a good way to synchronize the credentials between the databases and Key Vault.

We have been using Microsoft Azure Key Vault for about one and a half years.

Azure Key Vault is stable. We haven't had issues with it in terms of reliability.

The scalability of Key Vault depends on how we develop applications. The technical part of integrating between the cloud and Key Vault is easy. It's more that the development of life cycle processes needs to be improved. That's one of the big problems. They have to improve it so that all projects and all servers achieve integration easily. But that's not so much an Azure Key Vault issue. It has more to do with the processes of our company.

We don't look at the number of users but, rather, what are called service principals in Azure Key Vault. We have a lot of service principal applications.

Our first step is always to try to find issues ourselves. If we can't handle an issue we escalate the request to a local Microsoft support provider. If they don't have the answer, they go directly to Microsoft.

We have been using Azure Key Vault and Centrify. We have begun a migration to CyberArk because our provider told us about a technology change and offered to migrate us from Centrify to CyberArk. We are looking to understand what CyberArk's capabilities are in comparison with Azure Key Vault. We are trying to decide which option is the best one to go with. What we have learned is that each product has particular issues that make us think that we need to keep both. The issue we have is with the rotation of databases and servers. CyberArk accomplishes it better. That's why we are trying to integrate these two solutions.

It's not complex to set up. It's easy to configure secrets.

What can be a little difficult is establishing a good design and governance of the Key Vault repositories. Sometimes it's difficult to understand if we need one key vault or multiple key vaults. Do we need a key vault instance for an environment or do we need multiple key vaults for our databases or maybe multiple key vaults for the segregation of services according to on-premises and cloud? But creating a secret and integrating an application you're going to consume the secret with is easy.

We have four operators responsible for Key Vault and CyberArk.

Azure is cheaper than CyberArk. You can configure a lot of applications with it, but the key rotation issue is there. CyberArk has good key rotation. It integrates with a lot of technologies and a lot of different types of databases. CyberArk is good, but it's quite expensive. 

Both Azure Key Vault and CyberArk are paid annually.

I would rate Azure Key Vault a seven out of 10 because of the key rotation issues. They are a big problem. The integration of the application is easy, but key rotation is not easy. It needs a lot of improvement.

From what I have seen from CyberArk in terms of services, key rotation, and its integration with technologies, it's quite good. The big problem is its pricing. I would rate CyberArk at 8.5 out of 10.