Microsoft has deployed Thales nShield hardware security modules (HSMs) to provide enhanced security for new cloud-based collaboration service that supports  a multitude of document formats, Microsoft Rights Management service (Windows Azure RMS). 

It is also offering organisations the  ability to retain control over assets such as cryptographic keys. In addition to using HSMs in the Windows Azure cloud it allows customers to ‘bring your own key’ (BYOK). 

By using a Thales nShield HSM on-premise an organisation can generate and securely transfer their critical Tenant Key (the customer’s master key) to Thales HSMs in Windows Azure where it is used to underpin the security of their RMS service. This gives organisations complete custody and visibility over the use of their master key and the reassurance that they can use the Microsoft service on their own terms.

Dan Plastina, Partner Group Program Manager, Microsoft says. "“The Microsoft Rights Management service helps customer safeguard their data, both inside and outside of the organization. As a result of our collaboration with Thales, our customers can generate and upload their own master keys to a cloud-based HSM and keep complete control over their keys, giving them confidence that their data is protected.”