Using Microsoft Managed Keys for Purview Information Protection, should rekey be done frequently to prevent compromised keys from persistent access?

Ricky HAIR 0 Reputation points

I wish to enable Azure RMS part of Microsoft Purview Information Protection. And with Microsoft Managed Tenant Keys, I have uploaded a AD RMS master key in order for previously sent documents and emails to retain RMS function after my migration to Azure RMS.

In the event my AD RMS key or Azure RMS tenant were compromised or both were compromised, I wanted to know if rekey is done through self service, or requested via Microsoft, and if this rekey can be an annual activity, as a means to deny access in the event of unknown compromise to the keys?

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,327 questions
0 comments No comments
{count} votes