Sepior ApS and DuoKey today announced a partnership to enable Microsoft Office 365 customers to protect their highly sensitive data to meet requirements across several regulations and standards such as the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), Russia’s Federal Law No. 242-FZ, Australia’s Federal Privacy Act 1988, New Zealand’s Privacy Act 1993, and many others.
The jointly developed solution leverages Sepior’s Threshold Key Management System and DuoKey’s integration with DKE for Microsoft 365 to allow customers to maintain full control of their encryption keys. The solution uses two keys to protect data; one key managed securely by the customer in DuoKey and a second key stored in Microsoft Azure. Viewing data protected with DKE requires access to both keys. Since Microsoft can access only one of these keys, protected data remains inaccessible to Microsoft, ensuring that customers have full control over their data privacy and security. Traditional best practices would require the enterprise to use their own Key Management System (KMS) backed up by a Hardware Security Module (HSM) to securely store keys under their control. DuoKey’s offering delivered as a service provides an alternative for achieving enterprise-grade key security using Sepior’s Multiparty Computation (MPC) technology for Threshold Key Management.
Microsoft DKE has been requested by DuoKey’s customers in countries like Switzerland where regulation and compliance rules for banks are strict about controlling encryption keys. Microsoft’s understanding and dedication to creating new innovative services that support highly-regulated environments like financial services and healthcare allows DuoKey customers to move securely to public cloud services such as Office 365.
“We are incredibly excited to bring this new service to the market through Microsoft’s Office 365 Marketplace,” said Nagib Aouini, chief executive officer and founder of DuoKey. “Our service empowers our customers to increase the security of their most critical Office 365 data, giving them total control, while making it far easier, faster, and lower in cost to provide that control.”
“I had an opportunity to work with Duo Key during a data encryption project,” said Seyfallah Tagerout, Microsoft MPV at AiM Services SA. “This solution offers a unique service that allows customers to protect their Microsoft Office 365 data with their encryption key in a Double key encryption context. The encryption key is fully managed by customers and stored in a secure environment. The keywords for Duo Key are Security, Scalability, High availability, and flexibility. No need to invest in expensive infrastructures, Duo Key offers a suitable and flexible solution that allows you to encrypt your data with confidence through AIP/MIP Sensitivity label”.
“DuoKey’s integration with DKE is a perfect use case for MPC,” said Ahmet Tuncay, chief executive officer of Sepior. “Our pure-software Threshold Key Management technology can run natively in any cloud, or multi-cloud environment, to secure keys with no single point of failure. Matching this capability with Microsoft’s DKE offering allows any business to meet specialized data privacy mandates and regulations in a way that is transparent to the Office 365 experience.”
Founded in 2020 in Lausanne, Switzerland, DuoKey is a cybersecurity innovator founded by experienced entrepreneurs and cryptographers. DuoKey is part of the Tech4Trust accelerator at the Swiss TrustValley. DuoKey solves the challenge of keeping millions of customer’s data safe. DuoKey’s cryptography team is dedicated to providing the security features our customers need to confidently move sensitive workloads to the cloud and benefit from strong security controls that help meet internal and external compliance requirements. DuoKey’s Key Management Service is based on innovative Multiparty computation (MPC) that provides encryption services without needing to rely on traditional HSM (Hardware Security Module) appliances.
For more information, visit https://duokey.ch
About Sepior ApS
Founded in 2014, in Aarhus, Denmark, Sepior is enabling trust for online financial transactions and enterprise data protection applications, such as cryptocurrency custodial wallets, public or private blockchains, and cloud-based SaaS offerings, using threshold-based multiparty computation (MPC). Using patented threshold cryptographic protocols, Sepior’s RSA award-winning team of renowned cryptography experts has revolutionized key protection and management required for online security and privacy. The result is a customer-definable security framework that operates with any hardware, virtual device, or platform, using a decentralized-trust model, optimized for current and emerging fintech, cloud, IoT, and distributed ledger applications and services, allowing multiple parties to transact with trust.