Encrypt data at-rest with customer-managed encryption key


Some of the functionality described in this release plan has not been released. Delivery timelines may change and projected functionality may not be released (see Microsoft policy). Learn more: What's new and planned

Enabled for Public preview General availability
Users by admins, makers, or analysts - Aug 2024

Business value

This capability will allow customers to meet their data and privacy policy according to the standard privacy guidelines.

Feature details

With Dynamics 365 Business Central 2024 release wave 1, customers will gain the ability to encrypt their environment database using their own encryption key. This feature, also known as customer-managed key (CMK), provides enhanced data protection and compliance for your business data. With CMK, you can use your own Azure Key Vault key to protect and control access to the key that encrypts your environment database. This gives you more flexibility and control over your encryption keys, such as the ability to rotate, revoke, or restore them.

This feature will be administered in the Power Platform admin center, and will require the Business Central environment to be linked to a Power Platform environment. Enabling CMK on a Power Platform environment linked to a Business Central environment will apply the same CMK policy on the Power Platform and Business Central environments.