Encryption keys

By default, Comma uses Azure to manage encryption keys. If needed, customers can supply their own key for encryption.

To use your own key, contact your Comma account lead to enable BYOK access, then provide your vault key reference in the Configuration Center. Switching to BYOK will require you to verify your identity again before the change goes through. Your internal team is responsible for rotating the key.