Zero Trust: How Fortanix Gives You Ultimate Control in Securing Sensitive Data

Ankita Rawate
Published: Aug 17, 2023
Reading Time: 5 mins

Organizations are under constant obligation to protect their sensitive data and comply with regulations. According to the Federal Trade Commission, a sound data security plan is built on five fundamental principles: 

  1. Take Stock - Know what personal information is in your files and on your computers.
  2. Scale Down - Store only the data your business needs.
  3. Lock It - Protect the information you keep.
  4. Pitch It - Properly dispose of data you no longer need.
  5. Plan Ahead - Create a plan to respond to security incidents.

Fortanix's commitment to data privacy is grounded in its confidential computing technology, which provides hardware-backed secure processing of data-in-use within a Secure Enclave. Along with our Zero Trust approach to data security, Fortanix helps organizations fulfill the above security criteria. 

Fortanix enforces the principle of data ownership by not storing any of the data customers are looking to encrypt/decrypt. Businesses prioritizing data privacy and security can build stronger customer trust with Fortanix. 

Before we learn how organizations can achieve complete data control, let us understand the data security gaps they face. 

Where's Your Data?

With the dynamics of a hybrid multicloud infrastructure, organizations may not know exactly where their data is. 

This stems from the absence of the physical boundaries we were accustomed to when data was confined to the perimeter of a local datacenter. Now, data is distributed globally. The complexity and rapid change of cloud environments, together with concerns about cloud providers' access rights and visibility, add to this challenge. Organizations often lack unified, centrally controlled auditing mechanisms, which leaves them with limited knowledge of where their data is actually stored.

Heavy Reliance on Cloud Providers 

Cloud services allow organizations to reduce upfront costs through pay-as-you-go pricing and built-in cloud security solutions for compliance.

As a result, organizations have become heavily dependent on the advantages cloud providers offer, including streamlined infrastructure management, scalability, global accessibility, quicker time to market, cost efficiency, managed services, disaster recovery, remote collaboration capabilities, and the ability to deploy innovative technologies in real time.

However, this reliance also brings potential concerns, such as losing control of your data to the cloud provider.  

Who Controls Your Cloud Data? 

Data control in cloud computing is a shared responsibility between cloud providers and their customers. While organizations maintain ownership and decision-making authority over their data, including access, processing, and compliance, cloud providers supervise the underlying infrastructure, security measures, and various managed services. 

The division of responsibilities varies across cloud service models such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

However, every cloud provider can ultimately access the data its customers store on its platform. Administrators can go rogue, external hackers can compromise the infrastructure, or governments can subpoena the data and extract it from the platform.

Encryption is an effective tool for ensuring data security: compromised data is useless and cannot be read without the corresponding keys. The necessity of control therefore shifts to the keys. If a key is lost, the data can't be retrieved. Conversely, the keys enable access to the protected data, so storing keys in the same location as the data they guard goes against data security best practices and leaves the data exposed to subpoenas.

Need for Zero Trust 

In the cloud computing scenario, where data control is shared between organizations and cloud providers, a Zero Trust approach recognizes that security breaches can occur from any point of access, including company-controlled systems and cloud provider-managed infrastructure. 

Zero Trust means not providing any implicit trust based on the client’s origin as we did in legacy perimeter-based security. The mechanism requires more due diligence, such as verifying the identity of all users, devices, and applications, granting minimal (least privilege) access, (micro) network segmentation, continuously monitoring activity, encrypting data, using multi-factor authentication, and enforcing access policies. 

Fortanix Ensures You Have Complete Control of the Data 

Fortanix operates on Zero Trust by fundamentally rethinking the legacy security approach. Instead of implicitly trusting entities inside the network perimeter, Fortanix requires verification of every component and transaction within the system. This means that even Fortanix platform administrators, for example, are not automatically trusted.

1. Does Fortanix access any data?  

The Fortanix Data Security Manager (DSM) operates without storing and controlling customer data subject to encryption. It does not have access to or maintain control over such customer data in encrypted or unencrypted form. The data remains exclusively within the customer's specified database or designated record system. 

2. Can Fortanix access any personal data?  

Fortanix distinguishes between two types of data: personal data received during our customer interactions (such as for support, provisioning, or ordering purposes) and customer data transmitted to our DSM SaaS Service for cryptographic operations. 

Our Confidential Computing deployment model ensures that all cryptographic operations on data are exclusively conducted within the secure Trusted Execution Environment (TEE) of the Intel SGX hardware. This setup guarantees that Fortanix personnel, potential attackers, and customer insiders cannot gain visibility into these operations or their results. 

Fortanix personnel are unable to read, alter, or access any other data stored by a customer, including metadata associated with various objects (such as accounts, groups, apps, users, and security objects), information used for identifying security principals (users or apps), or any data stored as opaque or secret objects. 

3. When encrypting data through the DSM SaaS Service, does Fortanix have access to or visibility into any data?  

The data is processed through the Trusted Execution Environment (TEE) of an Intel CPU equipped with Software Guard Extensions (SGX), all within the confines of the FIPS 140-2 Level 3 validated Hardware Security Module (HSM). 

No elements of Fortanix's software, hardware, or personnel can access any data that undergoes encryption within the TEE boundary of the CPU. This data is securely transmitted and directed to the DSM hardware in an encrypted state through a Transport Layer Security (TLS) connection, which is then terminated within the secure enclave.  

All subsequent actions and processes occur within the protected domain of the Intel SGX architecture, tailored exclusively to the customer's unique account for utmost security. 

Your Keys. Your Data.  

Encryption keys serve as the foundation of secure communication and data storage. By managing and controlling these keys, organizations can dictate who has access to sensitive information and under what circumstances. A key management system allows organizations to encrypt data before transmission or storage, rendering it unreadable to unauthorized parties. 

The Fortanix HSM (Hardware Security Module), a specialized security appliance present in both the DSM SaaS platform and the hardware appliance, generates and stores encryption keys on behalf of the customer.

The Fortanix platform has obtained full certification from the United States NIST (National Institute of Standards and Technology) for its status as a highly secure computing device, meeting the stringent requirements outlined in the Federal Information Processing Standard (FIPS) 140-2 Level 3 certification. 

Because Fortanix acts as a centralized key management platform, encryption keys are always kept separate from the encrypted data, anywhere across hybrid multicloud environments, in compliance with regulatory standards.

The Intel SGX architecture plays a prime role in ensuring the confidentiality of customer-generated or stored keys within the Fortanix DSM SaaS Service. Notably, even Fortanix is unable to access these keys. This level of protection remains consistent whether customers choose to deploy Fortanix DSM on-premises with HSMs or utilize cloud virtual appliances. 

In conclusion, Zero Trust has proved to be an effective data protection and compliance strategy. Fortanix challenges the conventional, vulnerable approaches to securing data and offers modern solutions to the prime concerns about privacy. With Fortanix, you can rest assured that your sensitive information is not just another data point stored on a server. Instead, it takes center stage as a top priority, always protected by our advanced technology and a Zero Trust approach.
