Azure Key Vault Reviews

We wanted to tokenize the PCI data stored in the database. We are using Azure Key Vault to store the keys for the data tokenization. We store secret keys and drive encryption keys in Azure Key Vault.

We require customer-managed keys or Bring Your Own Key (BYOK) for certain things. With Azure Key Vault, we can generate our own keys and then import them inside the system, which provides a higher level of security than provider-managed keys.

As of today, there is limited support for third-party vendors. You are forced to work with the vendors that Azure approves. Only a few and not all third-party vendors are supported on Azure Key Vault. It would be great if Azure allowed more third-party vendors into the ecosystem.

Currently, the solution's pricing is based on the number of transactions, which is very high in some cases. The solution's pricing could also be reduced.

Currently, dedicated Azure Key Vaults are not available in the UAE region. We are using a shared solution with other customers. There is a great need for certain customers who want dedicated hardware-based or physically segregated Azure Key Vault.

I have been using Azure Key Vault for more than 1 year.

Azure Key Vault is a very stable solution.

The solution has very good scalability. More than 15 users use the solution in our organization.

I rate Azure Key Vault a nine out of ten for scalability.

The solution's technical support is not that good. Whenever we identify a particular issue and raise it as a Key Vault issue, the calls keep bouncing between people. Since Microsoft has a different subject matter expert for everything, we face a lot of issues trying to find the right person. For example, if we have an issue with drive encryption, they will get us an Intune expert. It's hard to reach the right people.

Most of the time, the people who call quickly are unaware of the product and are mostly gathering information. We get a lot of calls from people who keep asking the same questions regarding our version and software. So, it takes quite some time to get to the expert.

I previously worked with Thales. Thales is a completely hardware-based solution, and its installation and configuration are way more complicated than Azure Key Vault. Since Azure Key Vault is a SaaS solution, installing and deploying it is much easier.

The solution's setup process is simple if you're using native technology. However, it's a little complicated if you're using third-party applications or software.

Azure Key Vault is a very, very expensive solution. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases.

Azure Key Vault provides a very good interface wherein we can continuously change or recycle the keys seamlessly. This automatic mechanism is much better than the typical process of changing keys or certificates. The solution takes backups before the keys expire and informs us in advance when the keys will expire.

There is something called rainbow keys. I can generate certain read-only keys that even the administrator cannot delete. The access control is very granular. I can provide access control on certain keys so that only a specific person can access them. We have deployed Azure Key Vault on the cloud in our organization.

Azure Key Vault is the best solution for Microsoft users. If you use another cloud provider, you will have to find a solution that works across all of them.

Overall, I rate the solution a seven out of ten.

We use Azure Key Vault to store all of our applications’ keys and secrets in the Azure platform. The secrets and keys are for our public facing SaaS software which mainly includes websites and APIs.

The solution has reduced the amount of time that we had spent worrying about the management of the keys and secrets.

I find the simplicity of key management to be the most valuable feature. Key management has always been a difficult function to do, especially in the cloud premises. Azure Key Vault provides you with a mechanism for managing keys, without having to worry about protecting secrets, and that is valuable.

I have been using this solution for about five years.

I would rate the stability of the solution as eight out of ten. We encountered a few problems where Azure had infrastructure problems like the DMS. It was not necessarily a problem with the Key Vault but a problem with the infrastructure that did not allow us to access it.

I would give a rating of ten out of ten for the scalability of the solution. I have not found any scalability issues with Azure Key Vault.

I have found the customer service and support of Microsoft to be very good and very high.

Positive

We haven’t used any different solution before Azure Key Vault. We have used it since initially implementing it in the cloud.

The initial deployment was straightforward. I was involved in the deployment of the solution in a project management role.

We implemented the solution with the help of an in-house team. There was only one team member doing the deployment.

We have seen ROI with the solution. We observed reduced internal development effort with the use of the tool. The solution was certainly worth the cost.

I find the pricing of Azure Key Vault to be reasonable.

We did not evaluate any other options because we were fully on the Microsoft platform, so we went ahead with their recommendation.

I would rate Azure Key Vault a nine out of ten. I recommend it as a good solution for those using Azure Cloud to host their services. The solution does not require any maintenance.

We are a financial institution and we are using this product to manage our keys. We are currently trying to roll out a "Bring Your Own Key" solution for Azure and Office 365.

The GUI was quite easy for me to use.

Integration with Fortanix is good.

The integration with Thales HSM is complex and is not out-of-the-box. Uploading the keys was quite a tedious process.

We are just beginners with the Microsoft Azure Key Vault and only started using it within the past six months.

We have approximately 150,000 employees across the organization.

Technical support from Microsoft is excellent. The reason we still buy Microsoft products is because of their support. The documentation is good and they also provide free, professional support.

The premium support is available at an additional cost, but professional support is free with the license.

Prior to Azure Key Vault, we were using the Bring Your Own Key solution, Thales Hardware Security Module (HSM). It worked seamlessly to generate our own key and upload it to the key vault. However, with Azure and Office 365, Microsoft manages the keys. I started using Azure Key Vault because it is an out-of-the-box feature with Azure, and it replaced our Thales HSM.

The installation of Thales HSM is a little bit complex. When we installed it, we needed to have two VDAs. There is an online VDA and an offline VDA, and we have to retrieve information from the offline one and pass it to the online one. These are complex tasks in our environment. Because it is a highly regulated industry, even moving a key is not easy for us. We have to go through all of the processes.

Because of the complications that we have had, we were looking at replacing Thales HSM with Fortanix. It integrates with Azure Key Vault and the key upload process is quite easy.

Pricing is quite reasonable and support is included, although premium support is available for an additional fee.

I am currently researching and evaluating HashiCorp Vault. We have not yet run a PoC but I am learning the differences between these two solutions. In addition to Azure, we have AWS and multiple cloud platforms, and we have heard that HashiCorp Vault is the best solution for cases like this.

HashiCorp Vault is open-source and has a command-line interface. 

One of the things that I would like to know is whether HashiCorp can be used for Azure workloads. For example, can it be used in a situation where a user brings their own key for Office 365, or does that only work with Azure Key Vault? 

Overall, this is a good product and the support is fantastic.

I would rate this solution an eight out of ten.

We use Azure Key Vault for securing secret connection streams, like API secrets, Azure services Secret Key, and AD Client Secret. Azure Key Vault is a stable solution that seamlessly integrates with other services.

Azure Key Vault is only available for Microsoft services, and it should be exposed to non-Microsoft cloud services, like GCP and Amazon.

I have been using Azure Key Vault for a few years.

Azure Key Vault is a stable solution.

I rate the solution a nine out of ten for stability.

We've never had any scalability issues with Azure Key Vault. More than 30 customers are working with the solution.

I rate the solution a nine out of ten for scalability.

The solution’s technical support team is knowledgeable.

The solution’s initial setup is easy. We use Microsoft's templates and PowerShell scripts for the solution's seamless deployment.

Azure Key Vault has an automated deployment, which does not take more than five minutes. We create the Azure Key Vault service and set up its lifetime and client secrets. Then, we create a secret and its text and values and update the solution. We then configured Azure Key Vault so that we could access it. We use mostly dot NET APIs and integrated this into the application setup. We inject the service whenever required, and we'll create the keys.

Azure Key Vault provides a single source of truth and a secure database for all my secrets.

We use a pay-as-you-go license for the solution, which is not very expensive.

Azure Key Vault is a cloud-based solution.

Overall, I rate Azure Key Vault a nine out of ten.

The primary use case is for storing secrets.

It has improved our organization. We have been able to secure our passwords and secrets. We didn't have to add an extra tool in addition to this solution.

The most valuable feature is the ability to store secrets securely and encrypt them. It is pretty easy and straightforward to use.

I would like more code examples.

Over six months.

It is a reliable solution.

I have had no problems with scalability.

We are deploying it on 10 client systems.

I haven't needed support for this application. However, when I need support from Microsoft, I get it immediately.

I went straight to this solution.

The initial setup was straightforward.

Including research and getting up to speed with the technology, the deployment took less than a week for the PoC. Deploying it all the way to production took about a month. It took a week to determine that it was the right tool. It took another three weeks to implement in all environments, like UAT production and test. We tried it on a dev environment first, then we implemented it over different stages, like QA, test, and production. 

We deploy the solution in just one location.

I did the deployment.

It is a good deal.

The pricing is decent. It has a pretty low price. It is a straightforward cost based on usage.

I just went straight to Azure Key Vault.

Follow the Microsoft official documentation for this solution. It is pretty straightforward and very well documented.

I would rate Azure Key Vault as nine out of 10.

I use the solution in my company to install our digital certificates and deal with our organization's secret information.

The most valuable features of the solution stem from its ability to allow its users to simply install some digital certificates and some key-value pairs, which are useful for our organization.

If I consider how some people complain that a solution to store information should be available at a low cost, I would say that Azure Key Vault's price should be made cheaper.

I have been using Azure Key Vault for a couple of years.

It is a stable solution.

My company has never found any problems with the stability of the product. Stability-wise, I rate the solution a nine out of ten.

Azure Key Vault is considered a secondary tool in our company since we don't exclusively work on it. In general, Azure Key Vault or BitLocker are just supporting tools we use in our company for certain features such solutions provide. My company has not explored the aforementioned tools in-depth.

The users do not directly use the product since my company uses the applications in Azure Key Vault. My company uses Azure Key Vault in approximately five applications.

The solution's technical support is good. My company never had to contact the tool's support team since we don't use the product's advanced features. My company received support from Microsoft whenever we needed it.

The product's initial setup phase is straightforward. As I have more than twenty-five years of work experience, things have become easier with the tools you have used for so many years. For me, the tool's setup is easy and easy to use.

For the product's deployment phase, my company has different environments. In my company, we use certain products in various departments by using CI/CD pipelines on which we write the instructions to deploy the tools on a few particular servers.

The solution is deployed on the cloud.

The main benefit derived from using the product stems from the fact that it provides security to our company's digital assets.

The price of the product is okay for my company.

I did not evaluate other options against Azure Key Vault since I prefer to use Microsoft products since we use most of its technologies in our company.

I use the tool to manage application secrets by storing digital assets separately. My company puts the digital assets directly in the tool using the credentials.

Azure Key Vault plays a key role in encryption in certain projects or scenarios in our company. In our company, if we want to apply some algorithms to encrypt our data, we store such data in Azure Key Vault and pull it manually from the solution later to encrypt our organization's data.

My company doesn't exactly use the access policies in Azure Key Vault for managing permissions, but we do use it for the storage of our secret information. For managing our company's secrets, we use Azure Key Vault, but we don't use it for managing permissions as we use IdentityServer and other tools for such purposes.

Azure Key Vault can integrate very well with other Azure services.

Azure Key Vault is a good option since it is a secure and useful tool.

I rate the solution a nine out of ten.

I only work with Azure Defender for Key Vault because I'm on the security team.

So, it's currently used for passwords and secrets.

It's quite easy to use. That's one very important feature.

For additional features, you can always bring your own key (BYOK) or use your own key instead of Azure Key Vault.

There's room for improvement in cross-platform compatibility.

It would be helpful if Azure Key Vault could be used with other cloud platforms besides Azure.

I have been using this solution for three to four years now. 

It's very stable.

I would give it an eight out of ten for scalability. There's room for improvement in cross-platform compatibility.

It's mainly used by administrators. There are less than 12 administrators using it.

I haven't used technical support for Azure Key Vault. However, we did use advisory services once.

We were working on a specific use case that involved blockchain technology. We wanted to know if Azure Key Vault could be used to store private keys for blockchain nodes. We spoke to Microsoft, and they were able to help us.

Positive

The initial setup is very straightforward. It only took a few minutes.

You can deploy it yourself. It's a self-service model. Just a single Azure administrator is enough.

We have definitely seen a return on investment from using Azure Key Vault. It has helped us to improve the security of our organization.

You don't need to pay for a license for Azure Key Vault. It is billed on a pay-as-you-go basis.

I would definitely recommend Azure Key Vault. It is very easy to use, especially for retrieving keys and creating secrets.

We use the solution to secure and store managed sensitive information and cryptographic keys in an application secret.

The solution uses the encryption technique to store the secret information data that uses EPCE. There is also one feature that monitors Azure Key Vault.

They should improve its policies, which sometimes reapplied but don't sync properly between the Key vault and the role-based access. When I put some roles on the user side, it sometimes misses the end data to secure.

One feature that could be added is the transparency of Key stored. There could be a feature to monitor the Key Vault because we can't monitor the Key Vault with a third party. We can't configure the automation or sync the key vault. We store passwords and all those things.

The user intervention also needs to be implemented there. This allows the user to automatically change the password, ensuring that it synchronizes and updates across all stored keys.

I have been using Azure Key Vault for two years.

The product is stable.

The solution is scalable. If they improve certain things with the update, that will be a more scalable product. There are a lot of users that use the Key Vault because it is the organization’s choice.

The initial setup is super easy.

There is a key that says, 'MS bug is there.' Azure has keyword secret information and connectivity issues. Azure File Share has Key connectivity issues. If we share some files and link through the Key, it loses connection.

The product is expensive compared to other products. It is costly to install as data records are charged based on the data. The Key type and plans are the factors that affect the pricing.

We are implementing Azure Key for certain projects. It completely depends on the project. Suppose your company gives us a project and asks us to implement Azure Key for other users.

I don't recommend it to everyone. It completely depends on the scenario base if you use a VM application or shared data. You can use Key Vault to secure information when transferring over the network. Sometimes, you are trying to assess your web information, and it is not working because of the connectivity issue due to some access control policies.

If you are the user and can work on the Azure portal or have access, you may be the support or IT person. You have the right to choose the architecture we must implement in our organization. They want to implement that on their user, but that's not a suitable option for everyone. We have 2,000 employees using this solution. We should have a strong plan to implement the Key Vault.

Anyone can learn Azure Key Vault within a day or two days.

There's a lot of work to do on the standalone side. If we are required to create a different workflow or automate it, then it's not possible or difficult to do that. If I want to keep the alerts on my email or team channel, that isn't easy to automate with the help of the Sentinel.

I need to use Azure Key Vault to ensure my application sends me refined data weekly. This data includes high and low alerts, which are sent to my email address or possibly generate an incident using a third-party API such as ServiceNow or Jira.

We can automate several things. We can fetch the log, but we can't automate that defender workflow itself in Container.

The solution is best because it completely secures passwords, which we can use to access.

Overall, I rate the solution an eight out of ten.