Data Security Manager

Key Management Service

Key Management Service (KMS) provides unified key management and encryption services across multicloud and hybrid infrastructures.

What you get:

  • Securely generate, store, and use crypto keys, certificates, passwords, API keys.
  • Manage secrets in the cloud and on-premises.
  • Deploy anywhere; on premises and public clouds like Azure, AWS, and GCP.
  • Flexible deployment with Software, SaaS, FIPS 140-2 level 3 HSM appliance, VMware, and cloud marketplaces.
KMS thumb

Key Management Service

Key Management Service (KMS) with HSM grade security allows organizations to securely generate, store, and use crypto keys, certificates, and secrets. Key Management Service provides control and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support. Fortanix supports multi-geo deployment and is built to scale horizontally and vertically, with automated load balancing, fault tolerance, disaster recovery, and high availability. Business critical apps can integrate using traditional crypto interfaces or restful APIs. HSM- grade security and tamper proof audit logs help with compliance. Secured with Intel SGX, built for cloud scale and resiliency, KMS reduces threats and consolidates costs.​

What Key Management Service does?

External Key Manager
External Key Manager (Bring your own key management as a service)
Fortanix has partnered with GCP to create Google Cloud External Key Manager (EKM), the first solution to enable customers to bring their own key management system as an external key manager.
Multiple Key Storage and Security Options
Multiple Key Storage and Security Options
Flexible deployment options with on-prem HSM appliances, SaaS, or software only in the cloud. Store and protect encryption keys with FIPS 140-2 Level 3 HSMs to maintain the highest possible compliance and entropy.
Centralized Policy Management and Controls
Centralized Policy Management and Controls
Policy management and quorum approvals that can integrate seamlessly with existing authentication identity providers. RBAC provides added security and controls.
Full Key Lifecycle Management
Full Key Lifecycle Management
Fortanix delivers full key lifecycle management such as generation, rotation, expiration, deactivation to ensure secure and consistent key management across on-premises and multicloud environments, including bring your own key (BYOK) and bring your own key management service (BYOKMS). Organizations can store and manage all the cryptographic keys and secrets in one place. KMS can be extended to automate cloud key management with the addition of Cloud Data Control.
Complete Data Security Management
Complete Data Security Management
KMS is the foundation for the Fortanix Data Security Manager suite of capabilities. Add Tokenization, automated cloud key management, management of legacy HSMs, and other capabilities to create a single comprehensive solution.
Automate Key Operations
Automate Key Operations
KMS offers state of art automation features like automatic key rotation, one click rotation across regions and clouds, automatic key expiration based key rotations, automatic alerting based on key state changes. These automation features simplify and secure key management and operations.
Secrets Management
Secrets Management
KMS can manage secrets in the cloud and on-premises, providing extensive RESTful APIs through open standards such as OAuth, OpenID (SAML), LDAP, JWT, and PKI.

Benefits

Single Platform

Single Platform

Fortanix manages data security for multiple public clouds and hybrid environments through a single platform that can scale and cluster between global sites. Allows businesses to seamlessly move data between on-premises and public cloud infrastructures with a single consistent set of cryptographic services and keys.

Unified Management

Unified Management

Fortanix provides a “single pane of glass” modern, multi-tenant, and intuitive user interface for simplified administration and increased control, including extensive logging and auditing across your entire infrastructure.

DevOps and Cloud Friendly APIs

DevOps and Cloud Friendly APIs

KMS supports extensive RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG. Easily support all existing and new applications, whether operating in public, private, or hybrid cloud.

Scalable platform with automated load-balancing, DR/HA

Scalable platform with automated load-balancing, DR/HA

KMS is built to scale horizontally and vertically as your demand for managing your keys and secrets increases. This is ensured while providing automated load-balancing, fault-tolerance, disaster recovery, and high availability. Fortanix KMS can be deployed globally and for hybrid or multicloud environments.

Adidas
quote iconThere is sensitive data stored in our systems, whether its consumer data, sales data, or corporate secrets. This data has to be protected but we had a challenge. How exactly? How do you protect the keys? In a large organization, we want to avoid the situation where teams and stakeholders that decide how to protect data keys differently. So, we decided to provide a key management system and HSM as one of the security services to the rest of the organization.
quote icon

Resources