Data Security Manager

Key Management Service (KMS)

The Key Management Service by Fortanix Data Security Manager facilitates unified management of keys, encryption, tokenization, and secrets management across multi-cloud and hybrid infrastructures.

What you get:

  • Securely generate, store, and use crypto keys, certificates, passwords, API keys.
  • Manage secrets in the cloud and on-premises.
  • Deploy anywhere; on premises and public clouds like Azure, AWS, and GCP.
  • The flexibility to choose between on-prem and SaaS model.
KMS thumb

Overview

Key Management Service (KMS) with HSM grade security allows organizations to securely generate, store, and use crypto keys, certificates, and secrets. It provides control and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support.

Fortanix also supports multi-geo deployment and is built to scale horizontally and vertically, with automated load balancing, fault tolerance, disaster recovery, and high availability. Business critical apps can integrate using traditional crypto interfaces or restful APIs. All of it secured with Intel SGX—built for cloud scale and resiliency.
overview image

What we do

External Key Manager
External Key Manager (Bring your own key management as a service)
Fortanix has partnered with GCP to create Google Cloud External Key Manager (EKM), the first solution to enable customers to bring their own key management system as an external key manager.
Multiple Key Storage and Security Options
Multiple Key Storage and Security Options
Flexible deployment options with on-prem HSM appliances, SaaS, or software only in the cloud. Store and protect encryption keys with FIPS 140-2 Level 3 HSMs to maintain the highest possible compliance and entropy.
Centralized Policy Management and Controls
Centralized Policy Management and Controls
Policy management and quorum approvals that can integrate seamlessly with existing authentication identity providers. RBAC provides added security and controls.
Full Key Lifecycle Management
Full Key Lifecycle Management
Manage the generation, rotation, expiration, and deactivation to ensure secure and consistent key management across on-premises and multicloud environments, including BYOK and BYOKMS.
Automate Key Operations
Automate Key Operations
State of art automation features like automatic key rotation, one click rotation across regions and clouds, automatic key expiration based key rotations, automatic alerting based on key state changes.
Secrets Management
Secrets Management
KMS can manage secrets in the cloud and on-premises, providing extensive RESTful APIs through open standards such as OAuth, OpenID (SAML), LDAP, JWT, and PKI.

Features

Legacy HSM Fortanix Short Logo

Software Solution
Physical Appliance Option check icon check icon
FIPS 140-2 Level 3 check icon check icon
Legacy HSM APIs check icon check icon
Virtual Appliance Option check icon check icon
Full Horizontal Scalibilty check icon check icon
RESTful APIs check icon check icon
Trusted Execution Environment check icon
Single Pane of Glass check icon
Unlimited Multi-Tenancy check icon

Benefits

DevOps and Cloud Friendly APIs

DevOps and Cloud Friendly APIs

KMS supports extensive RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG. Easily support all existing and new applications, whether operating in public, private, or hybrid cloud.

Scalable platform with automated load-balancing, DR/HA

Scalable platform with automated load-balancing, DR/HA

All crypto operations happen inside the secure enclave Fortanix Data Security Manager (DSM)

Easy to Use Unified Platform

Easy to Use Unified Platform

Fortanix provides a “single pane of glass” modern, multi-tenant, and intuitive user interfaces for simplified administration and increased control, including extensive logging and auditing across your entire infrastructure.

Resources