Azure Key Vault has a lot of glitches. The solution's trial version should provide some more facilities so that people can try them and then decide whether to implement the tool in their project.
As of today, there is limited support for third-party vendors. You are forced to work with the vendors that Azure approves. Only a few and not all third-party vendors are supported on Azure Key Vault. It would be great if Azure allowed more third-party vendors into the ecosystem. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases. The solution's pricing could also be reduced. Currently, dedicated Azure Key Vaults are not available in the UAE region. We are using a shared solution with other customers. There is a great need for certain customers who want dedicated hardware-based or physically segregated Azure Key Vault.
If I consider how some people complain that a solution to store information should be available at a low cost, I would say that Azure Key Vault's price should be made cheaper.
There's room for improvement in cross-platform compatibility. It would be helpful if Azure Key Vault could be used with other cloud platforms besides Azure.
Head of IT Security Division at a financial services firm with 10,001+ employees
Real User
Top 5
2023-10-27T15:41:00Z
Oct 27, 2023
It is complicated to use different services and products along with Azure Key Vault. There should be a single vault for virtual servers, containers, and other services. It could be universal with the possibility to use all types of technologies.
It's currently very self-sufficient and doesn't need improvements. It's already a good service. We haven't faced any problems with the solution as such. The only issue we are facing is around the comparability with TerraForm, which we use to code the infrastructure. Sometimes there are issues there, even though it's not directly related to Microsoft. So far, it's served all of the client's purposes. We haven't come across a use case the solution could not handle. There are additional charges for data transfers. However, the pricing is mostly reasonable for the licensing overall.
They should add a key vault feature for the databases temporarily integrated into hybrid clouds. Also, they should make the key accessible once the databases migrate to another environment.
Senior Data Engineer at a tech company with 201-500 employees
Real User
Top 5
2023-02-12T12:22:05Z
Feb 12, 2023
We can currently configure RBAC, Azure role-based access control, or a voucher access policy. The voucher access policy can be improved by configuring it based on groups, rather than just applications or users.
I want to see faster key retrieval, as it sometimes takes a while. Better integration with other third-party cloud providers, such as AWS and GCP, should be there. That's something I expect from a Microsoft-built product.
CyberSecurity Director of Intelligence at a tech services company with 1-10 employees
Real User
2022-06-01T21:05:00Z
Jun 1, 2022
One of my previous clients was one of the big banks here in the Netherlands and the EU courts have stated that Microsoft Azure Key Vault is not, according to their perspective, secure due to the fact that Microsoft has access to Key Vault. If you cannot demonstrate that only you, as an organization, have access to your secrets, then you are not in control of your secrets. That is a concern. Also, a big issue is the configuration. It could be that the people working on the solution, the system engineers, might lack knowledge and not incorporate all the best practices from Microsoft. The way they've implemented it might not be the way Microsoft envisioned it. It's always back to who's implementing what for you as a solution.
Senior Software Engineer at a tech services company with 10,001+ employees
Real User
2022-04-12T16:49:10Z
Apr 12, 2022
Microsoft Azure Key Vault could improve by enhancing the security of credentials. Without the security or the use of key vaults, we would have to configure our credentials into the source code as plain text without the encryption or security.
System Administrator at a government with 1,001-5,000 employees
Real User
2021-10-04T16:06:00Z
Oct 4, 2021
It's too early for me to say with certainty, but what I'm seeing thus far is that Key Vault at face value is more of a secure store than it is a password manager. I suspect that we may be able to use logic apps to perform some actions that a password manager would, but a little more focus in this area would be beneficial.
Cloud Architect at a marketing services firm with 11-50 employees
Real User
2021-08-17T13:05:00Z
Aug 17, 2021
If you check the capabilities of other key management services across Amazon, HashiCorp, and Google, there are features that Key Vault doesn't have. It could be the case that when you use Key Vault, you might be forced to use a third-party solution to get certain services. If those services could be included in Key Vault, there would be diminished reasons to go for a third-party key management system.
Founder & Principal Architect at NCompas Business Solutions Inc.
Real User
2021-04-01T08:59:00Z
Apr 1, 2021
Azure has great documentation, but I would like to see more use cases pertaining to specific industries. For example, case studies on how to use HIPAA compliant solutions in the healthcare industry or how to use PCI compliant data analytics solutions in the financial technology industry would be helpful.
Co Founder & CTO at a manufacturing company with 1-10 employees
Real User
2020-07-23T07:58:37Z
Jul 23, 2020
Azure needs to provide versions of Key Vault that are suitable for different sizes of companies. For example, we are not a big corporation that can afford corporate-level pricing. We have to strike a balance between the number of users and the volume of keys that are being used.
The solution could be improved by making it accessible to more people. The most significant additional feature I'd like to see would be the ability to access the system on the phone via my Microsoft login and to be able to manage the desktop file folders that way. That's something I look forward to.
Microsoft Azure Key Vault is a cloud-based data security and storage service that allows users to keep their secrets safe from bad actors.
Benefits of Microsoft Azure Key Vault
Some of the benefits of using Microsoft Azure Key Vault include:
Secure your secrets in a single central location, enabling you to control how your information is disseminated.
Keep your data away from bad actors. Application administrators can store their application’s security information away from the actual...
Azure Key Vault has a lot of glitches. The solution's trial version should provide some more facilities so that people can try them and then decide whether to implement the tool in their project.
As of today, there is limited support for third-party vendors. You are forced to work with the vendors that Azure approves. Only a few and not all third-party vendors are supported on Azure Key Vault. It would be great if Azure allowed more third-party vendors into the ecosystem. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases. The solution's pricing could also be reduced. Currently, dedicated Azure Key Vaults are not available in the UAE region. We are using a shared solution with other customers. There is a great need for certain customers who want dedicated hardware-based or physically segregated Azure Key Vault.
If I consider how some people complain that a solution to store information should be available at a low cost, I would say that Azure Key Vault's price should be made cheaper.
It would be great if it would integrate with other cloud solutions.
The product must provide AI features.
The solution could be cheaper.
Azure Key Vault is only available for Microsoft services, and it should be exposed to non-Microsoft cloud services, like GCP and Amazon.
Azure Key Vault takes time to fetch values while integrating it with the code written in .NET format.
The solution needs to improve reliability and protection.
There's room for improvement in cross-platform compatibility. It would be helpful if Azure Key Vault could be used with other cloud platforms besides Azure.
It is complicated to use different services and products along with Azure Key Vault. There should be a single vault for virtual servers, containers, and other services. It could be universal with the possibility to use all types of technologies.
While it is reliable, enhancing security and protection should always be the priority.
The solution needs to improve its cost.
The slow response from the support team is one of the shortcomings of the solution that needs to be improved.
It's currently very self-sufficient and doesn't need improvements. It's already a good service. We haven't faced any problems with the solution as such. The only issue we are facing is around the comparability with TerraForm, which we use to code the infrastructure. Sometimes there are issues there, even though it's not directly related to Microsoft. So far, it's served all of the client's purposes. We haven't come across a use case the solution could not handle. There are additional charges for data transfers. However, the pricing is mostly reasonable for the licensing overall.
They should add a key vault feature for the databases temporarily integrated into hybrid clouds. Also, they should make the key accessible once the databases migrate to another environment.
We can currently configure RBAC, Azure role-based access control, or a voucher access policy. The voucher access policy can be improved by configuring it based on groups, rather than just applications or users.
I want to see faster key retrieval, as it sometimes takes a while. Better integration with other third-party cloud providers, such as AWS and GCP, should be there. That's something I expect from a Microsoft-built product.
Sometimes it takes too long to retrieve the keys. The authentication process takes time. It's also not fully compatible with Azure Databricks.
The rotation of key needs improvement. It needs to offer dynamic secrets management.
One of my previous clients was one of the big banks here in the Netherlands and the EU courts have stated that Microsoft Azure Key Vault is not, according to their perspective, secure due to the fact that Microsoft has access to Key Vault. If you cannot demonstrate that only you, as an organization, have access to your secrets, then you are not in control of your secrets. That is a concern. Also, a big issue is the configuration. It could be that the people working on the solution, the system engineers, might lack knowledge and not incorporate all the best practices from Microsoft. The way they've implemented it might not be the way Microsoft envisioned it. It's always back to who's implementing what for you as a solution.
Microsoft Azure Key Vault could improve by enhancing the security of credentials. Without the security or the use of key vaults, we would have to configure our credentials into the source code as plain text without the encryption or security.
It's too early for me to say with certainty, but what I'm seeing thus far is that Key Vault at face value is more of a secure store than it is a password manager. I suspect that we may be able to use logic apps to perform some actions that a password manager would, but a little more focus in this area would be beneficial.
If you check the capabilities of other key management services across Amazon, HashiCorp, and Google, there are features that Key Vault doesn't have. It could be the case that when you use Key Vault, you might be forced to use a third-party solution to get certain services. If those services could be included in Key Vault, there would be diminished reasons to go for a third-party key management system.
I would like more code examples.
Azure has great documentation, but I would like to see more use cases pertaining to specific industries. For example, case studies on how to use HIPAA compliant solutions in the healthcare industry or how to use PCI compliant data analytics solutions in the financial technology industry would be helpful.
The initial setup could be less complex for first-time users.
Azure needs to provide versions of Key Vault that are suitable for different sizes of companies. For example, we are not a big corporation that can afford corporate-level pricing. We have to strike a balance between the number of users and the volume of keys that are being used.
The solution could be improved by making it accessible to more people. The most significant additional feature I'd like to see would be the ability to access the system on the phone via my Microsoft login and to be able to manage the desktop file folders that way. That's something I look forward to.