Azure Key Vault Reviews

Currently, we're looking at how we're going to use it in our dev environment. We actually have another product that we're using. We're going to test out those keys for maintaining our secrets, however, we first have them in our dev and test environment before we roll it out, as another protection area.

The most valuable aspect of the product is its ability to keep our admin password accounts for keys and a lot of our high-value assets. It can manage those types of assets. So far, the product does a great job of managing keys.

The initial setup is pretty straightforward.

The stability has been very good. We've been happy with it so far.

The security on offer seems to be quite good. 

The solution offers very good preferences.

We've found the pricing to be better than our last solution.

I don't have any thoughts on areas for improvement at this time.

While the solution already does a great job of managing keys, the solution could probably look at maybe expanding more into mobile devices and endpoints.

We've been quite happy with the stability on offer. It doesn't crash or freeze. There are no bugs or glitches. It's reliable.

Right now, for our environment, we're hoping that it's scalable and it's more cost-effective than the other tools that we were using in the past. Scalability was one of the key things that we were looking at. That said, we have not attempted to scale just yet. That may be in the future.

Technical support has been helpful and responsive. If we ever run into issues we know we can reach out and they can assist us. So far, we're quite satisfied with the level of support our organization receives.

We were previously using CyberArk, which was quite costly for us. One of the reasons we are moving away from it is the overall costs involved. This solution seems ot be better in that regard. Also, this product does seem to offer better scalability.

The initial setup is not overly complex. It's pretty straightforward. 

One of the things with the initial setup is just making sure that we understood what all our assets were and what type of things we wanted to capture in that regard. Therefore, it wasn't complex at all. It's just making sure that we did a proper plan and everything at the outset, in order to move forward properly and effectively.

The deployment took us around two to three weeks. We had an implementation strategy, however, we had to have a slow roll out. The whole thing took us about two to three weeks to get everything in place and to start migrating our keys over. 

We did not use an outside consultant or implementor during the implementation. It was an internal project. We used one of our customized tools to help us out.

The solution is less costly than our old solution, CyberArk. It's actually substantially cheaper. That said, I don't have the exact pricing off-hand.

We're partners with Microsoft.

Although we just did an upgrade to the latest version, I'm not 100% sure what the current version number we are using is.

We're quite happy with the product. I would rate the solution at an eight out of ten.

I am a system architect and this is one of the products that I work with when designing systems for our customers. This key vault allows you to store passwords and secret keys so that you can retrieve them when needed. Each customer will have their own secret password that can be used in a cloud-based scenario to retrieve their login usernames, passwords, and other secrets.

The most valuable feature is that you can retrieve user account details from the cloud.

Azure needs to provide versions of Key Vault that are suitable for different sizes of companies. For example, we are not a big corporation that can afford corporate-level pricing. We have to strike a balance between the number of users and the volume of keys that are being used.

I have been using the Microsoft Azure Key Vault for close to two years.

This is a stable product and I haven't had any issues. The performance decreases as many keys are added to the vault. For example, it will be slow if we have 1,000 users.

Scalability is related to the licensing plan. At some point, the number of keys that can be stored will run out until the vault plan is upgraded.

The product support is awesome and I don't have any issues with it.

Azure is the first key vault that we have used.

The initial setup is straightforward. It is not complex, although it takes weeks to implement because we have to integrate with other modules.

Our in-house team handles deployment.

The cost of the Azure Key Vault is very high and the pricing model is based on the number of keys that you store and retrieve. It is billed in blocks, such as 1,000 passwords that I can store. However, if I am paying to store information for 1,000 users then the pricing is not discounted if I only need to store 500.

I am currently evaluating HashiCorp Vault because it is more economical than Azure Key Vault.

In summary, this is a good product and one that I recommend.

I would rate this solution an eight out of ten.

We have an application connecting to the database. So we have implemented an authentication in place wherein without that particular secret value, it won't be authenticated. So that is a use case that I can tell you about Azure Key. We have implemented it for some small identity providers as well. 

Using Azure key Vault has increased the security of our organization. 

I would say its granular access control is the most valuable feature.

It would be great if it would integrate with other cloud solutions.

I have been using Azure Key Vault for the past 2 years. 

I think the stability works perfectly. I've never seen a block from the cloud side. But there might be some problems when we are configuring it. So maybe we are missing some strings or something, but I have never seen an issue from the cloud side.

A thousand people using the solution at present.

You have to configure based on, like, who should access routers, security should be generated, the identity management and everything. And Azure Microsoft people have provided a good documentation on it. They have provided a good labs also and good videos also for reference. So I believe everything is good on that part.

I would rate the overall solution an eight out of ten. 

I use the solution for saving keys. We use it to manage encryption keys and secrets in our applications.

It is a good solution. I use it to deploy my services. All the features are valuable. The access policy feature helps secure content and resources. We use the automated key rotation feature to secure the deployments and the development process. It can be used to secure resources. The availability is high. We can integrate the tool with VMs, storage, and Azure App Service.

The product must provide AI features.

I have been using the solution for three to four years.

The tool has high stability.

The tool’s scalability is high. Our clients are small, medium, and enterprise businesses.

The support must be improved.

Positive

The initial setup is easy. The deployment took a few minutes.

The pricing is normal. The product is neither cheap nor expensive.

I am an implementer and designer. I will recommend the product to others to keep keys, secrets, and related information secure. Overall, I rate the product a ten out of ten.

The product’s most valuable feature is the ability to store secret information.

Azure Key Vault has been a crucial component in securing sensitive information within our organization. It includes storing critical details such as usernames, passwords, and other confidential data.

It is a simple service. I rate the stability a nine out of ten.

The service is easy to set up. However, the process requires various details, such as access controls and permissions. It includes determining who can create, read, or modify secrets. Overall, it is relatively easy and can be efficiently deployed through templates into CI/CD pipelines and DevOps workflows.

The product is inexpensive.

The platform provides straightforward integration with most of the other Azure services. It has improved the compliance and auditing processes. Earlier, we had to either store secret information inside the application or develop a custom solution to comply with it. There was a high chance of the data getting corrupted as different people had access to it.

I rate Azure Key Vault an eight out of ten.

We integrate Azure Key Vault to Azure DevOps for configuration automation. It allows selected access to the client IDs. Centralizing these keys ensures developers don't have direct access to sensitive information. Instead, the platform management team or developers can securely retrieve these keys during the pipeline execution.

The platform has a valuable feature for seamless integration. It's integrated into Azure API Management and Azure DevOps or directly into code. It supports various environments.

Azure Key Vault takes time to fetch values while integrating it with the code written in .NET format.

We have been using Azure Key Vault for four to five years.

I have been using it for five years, and it has been a stable product.

We have more than 100 Azure Key Vault users in our organization. It is a scalable product in terms of adding keys.

The product costs much less compared to other vendors.

Azure Key Vault is easy to use. It is a best practice and must be used within architecture implementation for security. I rate it an eight out of ten.

We use it for storing secrets for different accounts. If a service account or a storage account or a resource needs access to a resource, and there's a password involved, you would book out a password, and access Key Vault to gain access to the password, and get access to the resource.

The ability to use identity access management incorporated with RBAC is important for us. It helps us ensure the governance and security posture is secure and logical.

Among the features that have helped improve our security posture are storing secrets in a secure location to create a trusted situation, trusted resources, and incorporating identity access management so that we know who has access to what.

In addition, it hasn't affected our end-user experience. It's seamless.

One of my previous clients was one of the big banks here in the Netherlands and the EU courts have stated that Microsoft Azure Key Vault is not, according to their perspective, secure due to the fact that Microsoft has access to Key Vault. If you cannot demonstrate that only you, as an organization, have access to your secrets, then you are not in control of your secrets. That is a concern.

Also, a big issue is the configuration. It could be that the people working on the solution, the system engineers, might lack knowledge and not incorporate all the best practices from Microsoft. The way they've implemented it might not be the way Microsoft envisioned it. It's always back to who's implementing what for you as a solution.

We've been using Microsoft Azure Key Vault for two to three years.

It's robust. It's good.

The scalability is very good. It's up to your imagination and how big you want to make your resilience and high availability and so on.

We have plans to increase our usage because we are going to launch new websites for specific regions. There will just be more resources needed.

Microsoft has a support team that calls our security team every two weeks to discuss any topics and issues, and to talk about topics of the day or the week. It might be about resilience or expansion or features that are changing and new releases. It's good to have a meeting at least every two weeks that gives us the opportunity to speak to Microsoft account management.

Positive

The initial setup was straightforward. It's already incorporated in Azure, so you can just use it. It took minutes to deploy.

The ROI is due to the fact the services keep on growing. It's better, it's more secure, and it grows. It's becoming a better product.

Our customer did not evaluate other products. They mostly want to do things native to Microsoft Azure, so that's their first port of call. And if Azure services cannot provide the functionality that they need, then they will go and look outside.

Other service providers try to lower the prices, but it all depends on your development environment and your core skills. You are a bit more stuck if you are coding in .NET. If you go down that route, you can't easily move out to another service provider. Maybe you can go the route of adding a new team with a different service provider, but then you will need to mash it together. You would need to evaluate if that is a good option.

We have about 70 developers and they are in different teams. They interact with third parties and they have different roles, including front-end and back-end developers. Each one creates services for different websites for different regions, to sell e-vape cigarettes. And we have team leaders who use it as well. There's a security team of five people responsible for the infrastructure of Azure, including creating new resources or whatever is necessary for the dev teams. There are also operations management and product owners who make decisions on schedules, what will be built, and priorities.

Deployment and maintenance are part of the security engineers' work, to manage any issues. Sometimes the dev teams get involved with root cause analysis if something is going wrong with a web application. We have a team for certain maintenance tasks and requests.

The biggest lesson I've learned from using this solution is: "Stay secure."

We use this product to manage our keys for storage, as well as the SQL server.

The most valuable features are ease of use and enabling our clients to manage keys.

The initial setup could be less complex for first-time users.

We have been working with Microsoft Azure Key Vault for about a year.

This product has been very stable for us.

Scalability does not apply to our use case. I can say that it works well for smaller organizations.

Microsoft technical support has been very responsive and good.

Prior to the Azure Key Vault, we used a third-party password value. We moved to satisfy our customer requirements.

The first time we implemented this solution it was a little complex but as you use it, the process becomes easier. Installation specifics depend on each organization's needs.

The deployment, initially, was a couple of hours. After that, it took perhaps another hour to work through the setup and documentation.

We have admins who are in charge of using the Key Vault.

I would rate this solution a ten out of ten.