Sign in to my dashboard Create an account

Enhance security with customer-managed keys in Azure NetApp Files

Lightbulb next to keys on a wooden table
Table Of Contents

Share this page

Robert Cox
Robert Cox

In today's digital landscape, the security and protection of data have become paramount for organizations across all industries. With the increasing sophistication of cyberthreats, it’s crucial to implement robust security measures to safeguard sensitive information. One effective approach is the use of customer-managed keys (CMK). Storage processes obscure and protect your data from unauthorized access and use.

In Azure storage services such as Azure NetApp Files, is a built-in security mechanism that protects data at rest. Azure NetApp Files now supports customer-managed keys on both source and data replication volumes with cross-region replication or cross-zone replication relationships. In this blog post, we’ll explore the concept of CMK and its role in enhancing cyber resilience for organizations that use Azure NetApp Files.

Understanding customer-managed keys (CMK)

CMK is a security feature that allows organizations to take control of their keys and manage them independently from the cloud service provider. In the context of Azure NetApp Files, CMK enables customers to encrypt and decrypt their data stored in Azure NetApp Files by using their own keys, so they have exclusive control over the process.

CMK in Azure NetApp Files enhances cyber resilience by offering the following benefits:

  • Enhanced data security. By using CMK, organizations can strengthen the security of their data stored in Azure NetApp Files. With CMK, the keys are generated, managed, and stored within the organization’s own infrastructure, reducing the risk of unauthorized access to sensitive information. This approach provides an additional layer of protection against data breaches and insider threats.
  • Compliance and regulatory requirements. Many industries and regions have stringent data protection regulations that require organizations to maintain control over their keys. CMK in Azure NetApp Files allows businesses to meet these compliance requirements by keeping the keys within their possession. It provides an auditable trail of key management, which can be essential for regulatory compliance audits.
  • Protection against unauthorized access. CMK offers organizations protection against unauthorized access to their data. Even if a breach or unauthorized access occurs within the cloud environment, the encrypted data remains inaccessible without the corresponding keys. This protection minimizes the risk of data exposure and helps organizations maintain the confidentiality of their sensitive information.
  • Trust and confidence. CMK provides organizations with a sense of trust and confidence in the security of their data. By having exclusive control over the keys, organizations can keep their data protected, fostering trust with customers, partners, and stakeholders.


In an era when cyberthreats continue to evolve, organizations must adopt strong security measures to protect their data. CMK in Azure NetApp Files provides organizations with enhanced data security, compliance with regulatory requirements, and protection against unauthorized access. By using CMK, organizations can bolster their cyber resilience and gain greater control over the process, ultimately maintaining the confidentiality and integrity of their valuable data.

To learn more, read this Microsoft Azure article: Configure customer-managed keys for Azure NetApp Files volume .

Robert Cox

Robert is a senior product marketing manager with over 20 years of product marketing and product management experience. He is focused on NetApp’s Cloud Data Services, working to enable customers to deliver business outcomes for all IT workloads in cloud, multicloud, and hybrid cloud environments. Robert is an avid cyclist and loves to be outdoors.

View all Posts by Robert Cox

Next Steps

Drift chat loading