Fortanix Key Management

Get complete control and visibility into cloud encryption keys

Download Solution Brief

key management solution brief

Problem

The volume of data stored on the public cloud is growing exponentially. With this growth, the challenges of data security, regulatory compliance and the risk of data breaches grow. Cloud-native encryption relies on the cloud platform provider to secure data. Under this approach, cloud providers generate and own the data encryption keys directly to encrypt the data-at rest in cloud. With this approach, customers do not get control over the cloud keys. 

Solution Overview

Unlike cloud native solutions, Fortanix allows businesses to retain control and management of encryption keys with centralized management, consistent access control policy and centralized audit logs. Fortanix also offers Bring your own key management service (BYOKMS) allowing customers to store cloud keys externally within own datacenters thereby help meet the most stringent compliance requirements. Flexible deployment options with Software, SaaS and FIPS 140-2 level 3 HSM appliance.

key-management1

Solution Benefits

centralized management

CENTRALLY MANAGE YOUR ENCRYPTION KEYS

Fortanix DSM provides control of and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support. Securely generate, store, and use crypto keys, certificates, secrets, passwords, API Keys, tokens etc.
multicloud

SINGLE SOLUTION FOR MULTI-CLOUD

Fortanix DSM enables you to make a secure transition to multi cloud. With HSM grade security, FIPS 140-2 level 3 protection for all keys, organizations can adopt BYOK, meet cloud security, compliance requirements and resist cloud provider lock-in.
external key manager

EXTERNAL KEY MANAGER

Fortanix has partnered with GCP to create Google Cloud External Key Manager (EKM), to enable customers to bring their own key management system and manage keys externally on customers datacenters.
devops

DEVOPS AND CLOUD FRIENDLY APIS

Fortanix DSM supports extensive RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG. Easily support all existing and new applications, whether operating in public, private, or hybrid cloud.
quote icon

When you move to the cloud, you lose that control... So the Fortanix solution brings an ability to control the keys externally. You can turn the keys off, turn them on– they are totally under your control. The other advantage is with PayPal’s requirements is it actually enables new business use cases to go to the cloud.

paypal

quote icon

How it Works

CONTROL KEYS TO THE CLOUD

Fortanix delivers full key lifecycle management as a service to ensure secure and consistent key management across multi cloud environments, including bring your own key (BYOK) and bring your own key management service (BYOKMS). Fortanix lets organizations pick the right level of control depending upon business use case and required security posture.

byok

BRING YOUR OWN KEY (BYOK)

Upload master keys
API to manage keys
Cloud-based access control

BRING YOUR OWN KMS (BYOKMS)

Maintain control of keys
API to encrypt/decrypt
Granular RBAC and logging

Background image

Ready to test Fortanix Runtime Encryption?

request a demo
thumbnail