I don't know about a device operating at the scale that Azure is using, but the key stores on smaller Thales HSMs can absolutely be backed up to smart cards.
Security of key material is all about procedures. With a private CA I helped to set up, we used a quorum-based authorization scheme, and the collection of smart cards was distributed among different reporting lines to make collusion between employees difficult.
Makes sense. At that point it's probably easier to find another part of the software stack to attack instead of the secrets themselves. E.g. instead of getting the keys to the kingdom, just exploit a weakness in some signing software. Reminds me of that Microsoft certificate signing service for remote desktop (or something like that) for the feds (okay, maybe not but still...) that ended up generating certificates that would pass Windows Update checks for from-Microsoft validity. Google reminds me it was called "Flame". Ah, here it is: http://www.securityweek.com/microsoft-unauthorized-certifica... And it was revealed roughly a year before we learned about PRISM and such.