Data Security Manager as a Service

DSM SaaS provides secure key management and cryptography service across public, private, hybrid or multicloud environments, simplifying provisoning and control of encryption keys.

Download Datasheet

dsm saas

Highly resilient, distributed architecture with maximum availability

With increased use of SaaS apps and cloud, IT infrastructure today is more nimble, more scalable, and cost-effective than ever before. But is it also more secure? At a time when cyber risks are higher than ever organizations are grappling with a severe talent drought to handle their data security infrastructure and are stuck with legacy security solutions that were never designed to integrate with the modern, dynamic environment of cloud and DevOps. Even the most robust data security tools and processes available today were never designed keeping a cloud-first world in mind. With more and more data migrating to the cloud while being subjected to regulatory controls — data security is an innate issue. Organizations can no longer afford to get tied by the on-prem and other architectural limitations. Data security must be infinitely scalable and offer elasticity that matches the agility of your new modern cloudbound IT infrastructure.

Fortanix Data Security Manager (DSM) SaaS combines the full proven capabilities of the Fortanix on-premises solution and flexibility of the cloud. It is the first and only multicloud data security service certified to the rigorous FIPS 140-2 Level 3 security standard. DSM SaaS lets organizations opt for a new service-based model that makes data security simpler to deploy, easy to manage and above all, more cost-effective SaaS-based data security for a cloud-first world.

INTEGRATED DATA SECURITY AS A SERVICE

Fortanix DSM SaaS is an integrated data security as a service that offers secure key management and cryptography services including cloud key management, secret management, and tokenization to protect sensitive data in public, private, hybrid, or multi-cloud environments.

HIGHLY AVAILABLE SERVICE

The service is purpose-built for high availability — even if most nodes in a cluster are active. An ideal multi-site deployment of Fortanix DSM would cover at least 3 data centers (Availability Zones) KMS clusters, to ensure high service availability. Keys are replicated within a cluster within a region.

HSM AS A SERVICE

FIPS 140-2 Level 3 certified HSM to store encryption keys and cryptographic operations are securely executed within the module. HSM as a service simplifies operations and reduces management overhead.

HIGHLY SCALABLE SOLUTION

Fortanix DSM SaaS supports millions of keys per customer, horizontal scalability within the site, metro, and region, and low latency with cloud proximity.

Unified Architecture

unified architecture of data security manager saas

Why SaaS based data security?

EASE OF INTEGRATION
The SaaS based model is built from the ground up for easier integration with apps, IT infrastructure and services.

NO SPECIALIZED EXPERTISE/ SKILLS REQUIRED
Keeping the cybersecurity skill shortage in mind, our SaaS based data security is designed for easy usage and faster adoption. No additional/ special skillset required. Simplified operations with zero management overhead/hardware.

START SMALL AND START IMMEDIATE
Quick to set up, quicker to start. Data Security at your fingertips that can scale as you grow with increasing operational volumes.

Key Benefits

UNIFORM SECURITY ACROSS CLOUDS

UNIFORM SECURITY ACROSS CLOUDS

Different encryption tools for each cloud increases complexity and risk. DSM SaaS is a single platform to manage keys across multicloud environments. The platform offers HSM-grade key storage, accessibility, and Bring your own key (BYOK) support. Only authorized users can access the keys offering enhanced privacy to help defend against malicious insider threats.
EASY TO USE, DEVELOPER FRIENDLY SERVICE

EASY TO USE, DEVELOPER FRIENDLY SERVICE

The service supports same APIs and cloud services that DevOps teams use today. Powerful RESTful APIs make it easy for developer and DevOps teams to use and integrate data security into their applications.
HIGHLY RESILIENT, DISTRIBUTED ARCHITECTURE WITH MAXIMUM AVAILABILITY

HIGHLY RESILIENT, DISTRIBUTED ARCHITECTURE WITH MAXIMUM AVAILABILITY

Platform is based on a multiple cluster architecture. Each cluster resides in separate data centers to support a high-availability architecture and minimize latency. Keys are replicated automatically to eliminate a single point of failure and intelligent load-balancing service automatically accesses the nearest key management service.
SIMPLIFY OPERATIONS AND ENSURE EASE OF MANAGEMENT

SIMPLIFY OPERATIONS AND ENSURE EASE OF MANAGEMENT

Unlike, on-prem appliances, Data security as a service simplifies operations, ensures ease of management without concern for HSM appliance selection, management, and provisioning.
PAY AS YOU GROW

PAY AS YOU GROW

Organizations can start with just what they need for a particular data security use case and then grow from there. A complete set of APIs keeps things simpler through easy integration with new and existing applications.

Key Features

CORE HSM AND KEY MANAGEMENT CAPABILITIES

  • Accessed publicly via the public cloud
  • Built-in encryption, key management and tokenization
  • High availability, intelligent geographic load balancing, resistance to site failure
  • Centralized web-based UI with enterprise-level access controls and single sign-on support
  • Distributed low latency key access
  • Single enterprise-wide key across cloud and data centers

EXTENSIBILITY WITH APIs AND STANDARDS

  • Support for RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG
  • Multi-site and hybrid cloud support
  • Leverages open standards including KMIP, SAML/SSO, and PKCS#11
  • Encryption standards include AES, RSA, HMAC, and ECC, Opaque objects to provide the highest levels of security

ACCESS CONTROLS AND COMPLIANCE

  • Enterprise-level access controls and audit logging
  • FIPS 140-2 level 3 certified
  • Central-tamper proof logging
  • Integrates with SIEM solutions
  • Enterprise-grade security of Intel® SGX

Globally available service, multi-region deployment with atleast 99.95 SLA

The service currently operates from 15 data centers around the world, giving you the freedom to select the global footprint that best matches your requirements.

data centers map