NEW Power Platform Customer-managed key (CMK) We are excited to announce the General Availability for Power Platform Customer-managed key (CMK)! Microsoft Power Platform empowers you to do more with less by making it easier than ever to securely scale low-code adoption, increase organizational collaboration, and infuse AI and automation into all your business processes. Microsoft Power Platform comes with advanced risk and compliance…
The CMK feature encrypts customer data and configuration information with strong Microsoft-managed encryption keys by default. However, customers now have the option to use their own encryption keys for greater control over data security. The customer-managed keys allow for encryption key rotation, key access revocation, and enhanced data protection, meeting essential risk and compliance requirements.
Mercedes Benz has reported successful use of the CMK feature in Microsoft's Dataverse, citing it as instrumental in their move towards a "cloud-first" paradigm and managing cloud-based data security risks.
The process to control and manage encryption keys involves the Azure Key Vault admin creating a key vault and generating an encryption key, which the Power Platform Enterprise policy points to. Power Platform local admins then add the Power Platform environment to the Power Platform Enterprise policy, automatically encrypting all environment data with the encryption key.
The feature provides complete control over encryption keys to the customer, limiting access to the Azure Key Vault and/or key to Microsoft support staff. Deleting or revoking access to the key vault or key will disable all environments encrypted with the key, restricting access by users and Microsoft.
The new Power Platform Customer-managed key (CMK) is now available for general use. This feature enables customers to securely scale their low-code adoption, increase organizational collaboration, and use AI and automation within their business processes. With CMK, users will be able to have more control over their data and have higher confidence in its security. Additionally, customers will be able to take advantage of advanced risk and compliance features, allowing them to comply with regulations and policies. CMK also enables customers to manage their encryption keys and data access policies, giving them an extra layer of security. Finally, customers will be able to use CMK to create custom encryption keys and to assign them to specific users. This will help ensure that data is secure and compliant with applicable laws.
Power Platform, Risk Management, Compliance, Low-Code Adoption, Automation, AI