Homomorphic encryption is a promising technique to perform secure searches in encrypted data. Still, it has serious limitations that make it difficult for businesses to use data for growth and innovation effectively.
These drawbacks create challenges when performing essential analytical tasks such as comparing and sorting data. Specialized databases that support homomorphic encryption, or other proprietary cryptographic search technologies, add complexity and high costs. As they require significant computing power, these solutions are hard to use at scale.
Another issue with homomorphic encryption is that it significantly slows down data queries. Depending on the search granularity, they can be a million times slower than regular database queries [source]. Businesses can only process small datasets because of this limited capability. As the complexity of queries increases, the computational requirements and latency grow exponentially.
Given these challenges, businesses need an alternative solution to process the full potential of their sensitive data securely.
Introducing Fortanix Confidential Data Search
Fortanix launched Confidential Data Search, an industry-first solution for searching Encrypted Data. Powered by Confidential Computing technology, this solution allows businesses to perform encrypted searches in encrypted databases while keeping the data and search process highly secure.
The original database, protected by Transparent Data Encryption and/or tokenization, can be replicated into a Secure Enclave, which protects the memory-in-use. The database client also resides in a secure enclave, and all transactions are policed by role-based access control (RBAC) policies from the unified Data Security Manager platform, which also provides secure key management and stores the encryption keys in FIPS 140-2 Level 3 validated HSMs. The solution provides full end-to-end data protection with all the performance and full search language scope of a standard database, such as PostgreSQL and Elasticsearch.
Top Three Security Benefits
- End-to-end Data Security: The secure enclave ensures that the data remains protected while being processed. It allows businesses to perform complex searches on encrypted data without exposing the decrypted information, as the data is protected while at rest, in motion, or in use.
- Granular Access Control: The data is always encrypted. All transactions are validated against granular policies to ensure only authorized users and processes can access the data they are allowed to.
- Compliance: Using Fortanix Confidential Data Search, businesses can comply with data security regulations and utilize their data to its fullest potential without violating regulations such as HIPAA, GDPR, CCPA, PCI-DSS, or others.
Top Three Use Cases for Fortanix Confidential Search
- Healthcare Research and Analysis: Fortanix Confidential Data Search enables secure storage, search, and analysis of sensitive patient data in healthcare research. It ensures privacy and compliance with regulations like HIPAA by encrypting patient records. Researchers and analysts can submit queries to uncover insights and patterns and conduct statistical analysis on the encrypted data without compromising patients' privacy.
- Financial Fraud Detection: Using Fortanix Confidential Data search, financial institutions can securely store encrypted transaction data and perform encrypted searches to identify suspicious patterns or anomalies that may indicate fraudulent activities. This approach ensures that customer data remains confidential while allowing organizations to detect and respond to potential fraud.
- Secure Collaboration in the Cloud: Organizations can share sensitive data with external partners or departments using Fortanix Confidential Data Search. The encrypted queries can be executed within secure enclaves, ensuring the data remains protected even during collaboration. This allows multiple parties to search and analyze encrypted data while maintaining privacy and confidentiality.
- Enhanced Performance and Scalability - The Fortanix solution is 10-100 times faster than existing solutions. The limited computational demand of the Fortanix solution enables scaling for large datasets containing complex information like medical or financial records in the Terabyte range, enabling businesses to ethically increase their value by leveraging their sensitive, yet valuable data.
- Rapid time to value for LOBs - Even within the constrained query scope of homomorphic encryption, expanding a query to include 3-4 factors slows the process too much for any practical use. Fortanix Confidential Computing technology provides data analysts with a very familar SQL database environment and the ability to retrieve more accurate results, faster.
- Lower Total Cost of Ownership (TCO) - Fortanix Confidential Computing technology leverages readily available data center CPUs, eliminating the need for specialized hardware required by homomorphic encryption. Using unmodified off-the-shelf databases such as PostgreSQL, Elasticsearch, Fortanix reduces costs and provides a familiar environment for any data analyst.
The solution is available now as a preview and is scheduled for general availability later this year. Please connect with our sales team for a dive deep into the Confidential Data Search technology.