Azure Key Vault Reviews

We will likely use Microsoft Azure Key Vault for secure key management.

Provide a central, secure repository for keys.

It is a managed service in Azure, you do not have to worry about security other than the access. The vaults themselves are inherently secure.

It's too early for me to say with certainty, but what I'm seeing thus far is that Key Vault at face value is more of a secure store than it is a password manager. I suspect that we may be able to use logic apps to perform some actions that a password manager would, but a little more focus in this area would be beneficial.   

I have been using Microsoft Azure Key Vault for one day.

We have approximately 15 users using the solution in my organization.

The setup of my test files has been easy and the documentation is straightforward.

I handle the implementation of the solution.

The price of the solution is reasonable for what we are using it for.

We did not have a great solution in the past. We wanted something better, and everything that I read about Microsoft Azure Key Vault was good. We did evaluate other solutions but we were already using Azure for other things, it made sense to implement Microsoft Azure Key Vault.

Other people's opinions of Microsoft Azure Key Vault seem to be quite good.

I rate Microsoft Azure Key Vault an eight out of ten.

We use it for storing secrets for different accounts. If a service account or a storage account or a resource needs access to a resource, and there's a password involved, you would book out a password, and access Key Vault to gain access to the password, and get access to the resource.

The ability to use identity access management incorporated with RBAC is important for us. It helps us ensure the governance and security posture is secure and logical.

Among the features that have helped improve our security posture are storing secrets in a secure location to create a trusted situation, trusted resources, and incorporating identity access management so that we know who has access to what.

In addition, it hasn't affected our end-user experience. It's seamless.

One of my previous clients was one of the big banks here in the Netherlands and the EU courts have stated that Microsoft Azure Key Vault is not, according to their perspective, secure due to the fact that Microsoft has access to Key Vault. If you cannot demonstrate that only you, as an organization, have access to your secrets, then you are not in control of your secrets. That is a concern.

Also, a big issue is the configuration. It could be that the people working on the solution, the system engineers, might lack knowledge and not incorporate all the best practices from Microsoft. The way they've implemented it might not be the way Microsoft envisioned it. It's always back to who's implementing what for you as a solution.

We've been using Microsoft Azure Key Vault for two to three years.

It's robust. It's good.

The scalability is very good. It's up to your imagination and how big you want to make your resilience and high availability and so on.

We have plans to increase our usage because we are going to launch new websites for specific regions. There will just be more resources needed.

Microsoft has a support team that calls our security team every two weeks to discuss any topics and issues, and to talk about topics of the day or the week. It might be about resilience or expansion or features that are changing and new releases. It's good to have a meeting at least every two weeks that gives us the opportunity to speak to Microsoft account management.

Positive

The initial setup was straightforward. It's already incorporated in Azure, so you can just use it. It took minutes to deploy.

The ROI is due to the fact the services keep on growing. It's better, it's more secure, and it grows. It's becoming a better product.

Our customer did not evaluate other products. They mostly want to do things native to Microsoft Azure, so that's their first port of call. And if Azure services cannot provide the functionality that they need, then they will go and look outside.

Other service providers try to lower the prices, but it all depends on your development environment and your core skills. You are a bit more stuck if you are coding in .NET. If you go down that route, you can't easily move out to another service provider. Maybe you can go the route of adding a new team with a different service provider, but then you will need to mash it together. You would need to evaluate if that is a good option.

We have about 70 developers and they are in different teams. They interact with third parties and they have different roles, including front-end and back-end developers. Each one creates services for different websites for different regions, to sell e-vape cigarettes. And we have team leaders who use it as well. There's a security team of five people responsible for the infrastructure of Azure, including creating new resources or whatever is necessary for the dev teams. There are also operations management and product owners who make decisions on schedules, what will be built, and priorities.

Deployment and maintenance are part of the security engineers' work, to manage any issues. Sometimes the dev teams get involved with root cause analysis if something is going wrong with a web application. We have a team for certain maintenance tasks and requests.

The biggest lesson I've learned from using this solution is: "Stay secure."

We use it to store our secrets and passwords for our integrations and applications.

We only use the basic features and those are the ones that have the ability to tie into the app, the secrets, and the passwords and encrypt them.

So far we've had good luck with it. We haven't had any bad experiences. Once we got it set up and we got it injected into our code, we've had pretty good success.

I have been using Microsoft Azure Key Vault for around a year and a half. 

We have about 225 applications that are using it.

Their technical support was good when we used them.

Positive

We did not use a different solution. This is our first time using the services.

The initial setup was pretty straightforward. 

I thought the price was reasonable. 

My advice would be to definitely leverage your premier support to help you get it going. Once you get going on it, it's fairly simple to use.

I would rate it an eight out of ten. 

To make it a ten the setup should be more streamlined.

We use this product to manage our keys for storage, as well as the SQL server.

The most valuable features are ease of use and enabling our clients to manage keys.

The initial setup could be less complex for first-time users.

We have been working with Microsoft Azure Key Vault for about a year.

This product has been very stable for us.

Scalability does not apply to our use case. I can say that it works well for smaller organizations.

Microsoft technical support has been very responsive and good.

Prior to the Azure Key Vault, we used a third-party password value. We moved to satisfy our customer requirements.

The first time we implemented this solution it was a little complex but as you use it, the process becomes easier. Installation specifics depend on each organization's needs.

The deployment, initially, was a couple of hours. After that, it took perhaps another hour to work through the setup and documentation.

We have admins who are in charge of using the Key Vault.

I would rate this solution a ten out of ten.

There are currently two people in my team using this solution. I'm an associate consultant. 

This is a very user friendly solution and the security level is very high.

The solution could be improved by making it accessible to more people. 
The most significant additional feature I'd like to see would be the ability to access the system on the phone via my Microsoft login and to be able to manage the desktop file folders that way. That's something I look forward to. 

I've been using this solution for six months. 

It's a stable solution. 

It's a scalable solution. 

I'm satisfied with the technical support. 

The initial setup took less than 10 minutes. 

I recommend this solution and would rate it an eight out of 10.