Securosys 365 encrypts the contents of customer documents stored in the Microsoft cloud using keys not available to Microsoft. The solution takes advantage of Microsoft’s new Double Key Encryption (DKE) offering. Any Microsoft 365 document that is encrypted by default with keys managed by Microsoft can now be encrypted once more with an additional key: one that is under the exclusive control of the customer and securely stored in Securosys CloudsHSM. The document can only be viewed and accessed using both keys, much like the four-eyes principle. The files remain inaccessible to any provider like Microsoft, Securosys, or DuoKey.
Securosys 365 is provided through Securosys’ ISO27001-certified CloudsHSM service located in Switzerland. It takes care of the generation of secure keys, their management, handling, and storage on behalf of the customer. It is operated geo-redundantly in three different Swiss datacenters. For customers with services where data privacy is paramount, the combination of Securosys 365 and Microsoft DKE enables the most secure usage of the Microsoft 365 Cloud.
"Together with Securosys, we can not only provide a complete Swiss solution, but also have the best HSM technology available to provide a secure way to use Microsoft 365 and Azure”, said Nagib Aouini, CEO and founder of DuoKey.
"Finally, we can provide a solution that leverages Microsoft 365 Cloud while meeting strictest privacy regulations, the need for enhanced security, and higher levels of confidentiality," said Robert Rogenmoser, CEO of Securosys. “For compliance reasons, many communities, cantons, law offices and financial organizations were previously unable to take advantage of Microsoft 365 and Microsoft Azure; with Securosys 365, this restriction is gone.”
Securosys 365 is built on top of Securosys CloudsHSM and uses Securosys’ FIPS140-2 Level-3 certified Primus HSM. All software code and blueprints from Securosys and DuoKey can be reviewed by their customers. Neither Microsoft, Securosys, nor DuoKey have access to the plain view of any customer data. Securosys 365 is also available as an on-premises solution that can be independently operated by customers.
(Press release)