Customer Key — Solving Microsoft 365

Customer Key is the Microsoft 365 service encryption option that lets a customer provide and manage the root encryption keys used to encrypt their data at rest in Exchange Online, SharePoint Online, OneDrive, and Teams. The customer's keys live in Azure Key Vault in the customer's own Azure subscription. Microsoft uses the keys to encrypt content; the customer can revoke access to the keys to render their tenant data inaccessible (the "data destruction" scenario). Different from service encryption with Microsoft-managed keys (the default for all tenants). Customer Key is included in Microsoft 365 E5 and standalone as Office 365 Advanced Compliance add-ons. Required by specific regulations in some industries.