Encrypt customer data in Power Platform using customer-managed encryption key
Important
This content is archived and is not being updated. For the latest documentation, go to What is Microsoft Dataverse?. For the latest release plans, go to Dynamics 365 and Microsoft Power Platform release plans.
| Enabled for | Public preview | General availability |
|---|---|---|
| Users by admins, makers, or analysts | 
Mar 1, 2023 |
- |
Business value
This feature will allow customers to meet their data and privacy policy. All your data that is hosted in Power Platform can be encrypted at-rest using an encryption key provided by you from your own Azure Key Vault.
Feature details
To meet regulatory and financial data privacy policy, customers can use their own encryption key to encrypt their data at-rest hosted by Power Platform in Microsoft Dataverse. A Power Platform enterprise policy is created which uses an Azure Managed Identity to access the key vault encryption key. The Power Platform enterprise policy can be applied to individual Power Platform environment or a group of environments. All storage types for the environment, such as SQL, Azure File, Azure Cognitive Search, Azure Data Lake Storage, and Azure Cosmos DB, will use the enterprise policy's encryption key to encrypt the environment data.