Protect your critical data

58% of companies transfer sensitive data to the cloud


Protect your critical data

Double Key encryption for Microsoft 365 allows customers to maintain full control over their encryption keys. Because Microsoft can only access one of these keys, protected data remains inaccessible to Microsoft or cyber criminals, ensuring customers have complete control over the privacy and security of their data.

We provide data security for your workload in cloud services

Double Encryption for Office 365

Microsoft has launched a new security feature for Microsoft 365 called Double key encryption (DKE). DKE allows organizations to protect highly sensitive data while maintaining full control of their encryption keys. With DuoKey for Office 365, we offer the first native dual encryption services using multi-party computing (MPC) without the need for the complexity of hardware security modules (HSMs). 

DuoKey for AWS S3

There is a risk that your customer data or unsecured keys could be discovered by cybercriminals with the intent to abuse and leak your data. As more and more data breaches occur when using unsecured AWS S3 storage, organizations need to add another layer of protection on top of AWS KMS. With DuoKey, you maintain dual control of your encryption keys while protecting sensitive S3 compartments in AWS cloud services. 

DuoKey for Hashicorp Vault

To protect your Hashicorp Vault production instance, you need to perform a number of hardening tasks to secure it during reboot operations and also for key generation. Any Vault instance must be protected from memory dumping or tampering, but root access is also a major risk for any insider/hacker attack. DuoKey for Hashicorp Vault is a go KMS wrapper and PKCS#11 module that provides an automatic seal/unseal function for a smooth, operator-free restart, but also to perform a seal of all keys generated using the Enterprise version.

DuoKey for Azure CosmosDB

Recently, a vulnerability was discovered on a massive amount of Azure CosmosDB instances called “ChaosDB”. To add a second layer of protection, our MPC-based client-side encryption protects your CosmosDB instances even if there is such a vulnerability that exposes your CosmosDB instance to an unauthorized user by performing encryption on the client before the data is saved to your CosmoDB instance.

About Us

Founded in 2020 in Lausanne, Switzerland, DuoKey is a cybersecurity startup founded by renowned entrepreneurs and experienced cryptographers. DuoKey’s mission is to secure your communications, documents and data. Cybersecurity is the #1 concern for our customers migrating to the cloud. DuoKey provides the security features our customers need and allows organizations to confidently move sensitive workloads to the cloud while benefiting from strong security controls that meet internal and external compliance requirements.

DuoKey’s key management service is based on an innovative multi-party computation (MPC) that provides encryption services without the need to rely on HSM (Hardware Security Module).

DuoKey is part of the Tech4Trust Accelerator – Trust Valley Switzerland and the worldwide program “Microsoft for Startups”.

Resources and Useful Insights

Latest News


Download our latest report on Multi party computation and Office 365 encryption

Do you know that with new DoubleKey encryption feature in Office 365, you can know own and control your own encryption with Azure Information Protection.

Report MPC and
Office 365

Get your DuoKey datasheet