Microsoft announced a Double Key Encryption preview for data generated with Microsoft 365 applications. As Microsoft can access only one key. Microsoft is unable to access the data and key, which helps to ensure data privacy and protection. Double Key Encryption is applied to current customer data encryption systems that occur when the data is stored in the data centers of Microsoft and when the data is in transit. Microsoft defines double key encryption as being distinct from the Microsoft Information Security program. They call it different as it helps organizations to label and secure access to insecure files.
What is Double Key Encryption (DKE)?
Double-key encryption allows you to secure your highly confidential data while keeping your encryption key in complete control. It allows us to use two different encryption keys altogether to access secure data.
Dual Key Encryption (DKE) uses two encryption keys to access secure information together. Within Microsoft Azure, you store one key and hold the other key. The unified labeling client Azure Information Protection protects highly sensitive content. Though you keep full control of one of your keys. DKE enables all applications in the cloud and on-premises. Such deployments help to ensure that the encrypted data stays invisible anywhere the secure data is stored. In DKE documentation, Microsoft explained the prerequisites, DKE source code GitHub repo, and the list of steps to deploy DKE.
Microsoft Double Key Encryption enters public preview
DKE allows tenants to build several DKE labels and secure data with various encryption keys. They often impose various group policies and limitations on access depending on the users who need to access the data. Once the label has been deployed, users can turn it on for any text. They’ve automatically encrypted and secured the file while managing the Microsoft 365 account within a business. DKE for Windows 365 E5 and Office 365 E5 clients will be available as a public preview. Additional information such as official documents and GitHub databases will be available soon.
In today’s world, the prevalence of remote work relies heavily on knowledge sharing, challenging organizations to drive efficiency while preserving data privacy and regulatory enforcement. DKE will help companies to secure their highly critical data.
Two use cases that can help include Double Key Encryption:
- Sensitive Intellectual Property: Intellectual Property (IP) applies to human mind inventions and IP rights, which protect authors’ interests over their creations.
- Regulated Environments: Any regulated environment is basically a governed environment. Rules state which conditions a business must meet in order to produce legitimate results or products of a guaranteed quality level.
Advantages of Double Key Encryption
- It is possible to login non interactively.
- Safer than passwords: In order to act as a legal user, a malicious user must get both the private key and the corresponding passphrase.
What to gain with Double key Encryption
Double Key Encryption provides you with the ability to encrypt your highly confidential data while retaining full control of your key. Because Microsoft can only access one of the keys, the secure data remains unavailable to Microsoft. It means you have total control of its privacy and protection. You can use DKE to:
- Keep full control of your key: You can host the Double Key Encryption service for requesting your key to be placed at a location of your wish (on-premises key management server or in the cloud), and for retaining or maintaining it like other applications
- Enjoy a consistent experience in Labeling: Admins and users with necessary permissions may use DKE to build labels. In the Microsoft 365 compliance center they built labels just as they do for any other form of sensitivity mark.
- Easy to use: By cloning the GitHub DKE files, you can access the code and instructions. You can also sync it with your Active Directory tenant or on-site, and public and private keys.
Microsoft says the new feature has been developed specifically for highly regulated sectors, such as financial services or healthcare. Also, for businesses and companies that need to store confidential data safely in the cloud. Double Key Encryption allows organizations to secure the mission-critical data-a a small amount of their total knowledge. Microsoft 365 offers essential data security by encrypting customer data, both in transit and at rest.