- Solutions
- Products
- Services & Support
- Blog
- About
- Contact
Swiss cloud service that encrypts Microsoft 365 office applications with DKE in the Microsoft Azure Cloud.
Securosys 365 encrypts the content of documents stored in the Microsoft 365 cloud using keys not available to Microsoft. This service leverages Microsoft's new Double Key Encryption (DKE) offering: any Microsoft 365 document that is encrypted by default with Microsoft-managed keys can now be encrypted again with an additional key. This key is under the exclusive control of the customer and securely stored in Securosys CloudsHSM. The document can only be viewed and accessed with both keys, similar to the dual control principle. The files remain inaccessible to Microsoft or Securosys.
With Double Key Encryption (DKE), your data is encrypted with two keys. Your encryption key is in your control, securely stored in the tamper-proof Securosys CloudsHSM - and the second key is stored in Microsoft Azure so you can move your encrypted data to the cloud. Securosys 365 protects your content by storing your 2nd key in dedicated Hardware Security Modules - as a cloud service or on-premise solution.
You can store Double Key Encrypted documents on-premises or in the cloud. When in the cloud, you can move encrypted content to SharePoint Online and OneDrive for Business. Because Microsoft doesn't have access to your private key, the encrypted data remains opaque to Microsoft and also Securosys.
Securosys 365 is built on the basis of Securosys CloudsHSMs and uses the FIPS140-2 Level 3 and CC EAL 4+ certified Primus HSM. All software code and blueprints can be reviewed by our customers. Neither Microsoft nor Securosys have access to the plain view of any customer data.
You will need this solution if: