Double Encryption Key (DKE)
Enhance Data Protection on Microsoft 365 with Double Key Encryption (DKE)
Duokey provides Double Key Encryption (DKE), an encryption implementation for Microsoft 365 which provides an enhanced level of encryption to secure sensitive documents and data. Unlike traditional encryption methods that rely on a single encryption key, with Double Key Encryption (DKE) one key is held by Microsoft in Azure key vault, while the other key is exclusively managed externally by the client.
DuoKey for DKE implements zero-trust access controls that filter key access based on multiple criteria including IP addresses, geographical locations, Azure Active Directory groups, individual users and device identities, while providing enhanced Multi-Party Computation (MPC) security where the customer key never exists in plain text.
With DuoKey for DKE, organisations can confidently move their most sensitive data to the Azure cloud and maintain compliance with stringent data privacy regulations, including HIPAA, GDPR, FINMA, etc.
Encrypt
There is a risk that rogue administrators working at cloud service providers access customer data or keys with the intent to misuse the data. With DuoKey you keep dual control of your encryption keys while protecting sensitive documents stored in the cloud.
Protect
The most significant threats to the exposure of sensitive or confidential data are employee mistakes. In contrast, the least significant threats to the exposure of sensitive or confidential data include government eavesdropping and lawful data requests.
Track
Check who opened your sensitive content using our DuoKey track map. We provide real-time activity logs on all sensitive content while it is decrypted using our DKE service. If you want to block access to a domain or a specific user, you can leverage on conditional access control rules.
In detail
Double Key Encryption (DKE) for Microsoft 365
Unparalleled Protection for Your Microsoft 365 Data with Double Key Encryption (DKE)
DuoKey for Double Encryption (DKE) provides:
Enhanced Key Security - DuoKey employs distributed key management (with secure Multi-Party Computation) where customer keys are never fully assembled in one location, eliminating single points of compromise.
Zero-Trust Access Controls - Granular access management allows you to control key access based on specific criteria including IP addresses, device identities, Azure Active Directory groups, and geographical locations—all managed outside of Microsoft.
Flexible Deployment Options - Deploy DuoKey for DKE according to your organisation's requirements through SaaS, on-premise, or hybrid models (integrating with leading HSM vendors like Securosys, Atos HSM, Thales, and more).
With DuoKey for DKE, the cloud provider has NO ACCESS to your encryption keys or sensitive data, delivering unparalleled data confidentiality and control. Maintain true data sovereignty while meeting stringent regulatory requirements (DORA, GDPR, ...)
DuoKey DKE module seamlessly integrates with leading HSM vendors like Securosys, Atos HSM, Thales, and more.
What's Double Key Encryption (DKE)?
Double Key Encryption, or DKE, is a encryption implementation of Microsoft, which lets organisations maintain full control over their encryption keys. The implementation uses two keys to protect data; one is managed by Microsoft, while the other one is stored outside of Microsoft. Learn more in our medium article: What’s Double Key Encryption (DKE) and When You Need it?
Always client-side encryption is performed
No third-party can ever access your data
Dedicated tenant and vault for storing your keys
Manage key access with granular rules outside of Microsoft
Feedback
We are trusted by our partners
We appreciate DuoKey's cutting-edge approach to cloud security. Their double key encryption and advanced key management solutions not only enhance data protection but also ensure compliance. Utilizing advanced Multi Party Computation (MPC) protocols developed over decades by our team of acclaimed researchers, DuoKey delivers a superior level of cryptographic security, making it a reliable choice for safeguarding cloud applications and sensitive data.
Ahmet Tuncay - Former CEO, Sepior ApS
Blockdaemon Inc
DuoKey has revolutionized data security in our healthcare organization. Their encryption solutions provide robust protection for our sensitive health data, ensuring compliance and peace of mind.
CISO at Large Health NGO
Large Health NGO
Take control of your encryption keys and protect sensitive data today!
Products
Other products in our arsenal