Data Security Manager as a Service

DSM SaaS provides secure key management and cryptography service across public, private, hybrid or multicloud environments, simplifying provisoning and control of encryption keys.

hero image

Highly resilient, distributed architecture with maximum availability

With increased use of SaaS apps and cloud, IT infrastructure today is more nimble, more scalable, and cost-effective than ever before. But is it also more secure? At a time when cyber risks are higher than ever organizations are grappling with a severe talent drought to handle their data security infrastructure and are stuck with legacy security solutions that were never designed to integrate with the modern, dynamic environment of cloud and DevOps. Even the most robust data security tools and processes available today were never designed keeping a cloud-first world in mind. With more and more data migrating to the cloud while being subjected to regulatory controls — data security is an innate issue. Organizations can no longer afford to get tied by the on-prem and other architectural limitations. Data security must be infinitely scalable and offer elasticity that matches the agility of your new modern cloudbound IT infrastructure.

Fortanix Data Security Manager (DSM) SaaS combines the full proven capabilities of the Fortanix on-premises solution and flexibility of the cloud. It is the first and only multicloud data security service certified to the rigorous FIPS 140-2 Level 3 security standard. DSM SaaS lets organizations opt for a new service-based model that makes data security simpler to deploy, easy to manage and above all, more cost-effective SaaS-based data security for a cloud-first world.

INTEGRATED DATA SECURITY AS A SERVICE

Fortanix DSM SaaS is an integrated data security as a service that offers secure key management and cryptography services including cloud key management, secret management, and tokenization to protect sensitive data in public, private, hybrid, or multi-cloud environments.

ACCESSIBLE VIA THE INTERNET

The service is accessible publicly via the internet or privately via Equinix Cloud Exchange Fabric™ (ECX Fabric™).

HIGHLY AVAILABLE SERVICE

The service is purpose-built for high availability — even if most nodes in a cluster are active. An ideal multi-site deployment of Fortanix DSM would cover at least 3 data centers (Availability Zones) KMS clusters, to ensure high service availability. Keys are replicated within a cluster within a region.

HSM AS A SERVICE

FIPS 140-2 Level 3 certified HSM to store encryption keys and cryptographic operations are securely executed within the module. HSM as a service simplifies operations and reduces management overhead.

HIGHLY SCALABLE SOLUTION

Fortanix DSM SaaS supports millions of keys per customer, horizontal scalability within the site, metro, and region, and low latency with cloud proximity.

Unified Architecture

diagram_saas

Why SaaS based data security?

EASE OF INTEGRATION
The SaaS based model is built from the ground up for easier integration with apps, IT infrastructure and services.

NO SPECIALIZED EXPERTISE/ SKILLS REQUIRED
Keeping the cybersecurity skill shortage in mind, our SaaS based data security is designed for easy usage and faster adoption. No additional/ special skillset required. Simplified operations with zero management overhead/hardware.

START SMALL AND START IMMEDIATE
Quick to set up, quicker to start. Data Security at your fingertips that can scale as you grow with increasing operational volumes.

Key Features

CORE HSM AND KEY MANAGEMENT CAPABILITIES

  • Accessed publicly via the public cloud
  • Built-in encryption, key management and tokenization
  • High availability, intelligent geographic load balancing, resistance to site failure
  • Centralized web-based UI with enterprise-level access controls and single sign-on support
  • Distributed low latency key access
  • Single enterprise-wide key across cloud and data centers

EXTENSIBILITY WITH APIs AND STANDARDS

  • Support for RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG
  • Multi-site and hybrid cloud support
  • Leverages open standards including KMIP, SAML/SSO, and PKCS#11
  • Encryption standards include AES, RSA, HMAC, and ECC, Opaque objects to provide the highest levels of security

ACCESS CONTROLS AND COMPLIANCE

  • Enterprise-level access controls and audit logging
  • FIPS 140-2 level 3 certified
  • Central-tamper proof logging
  • Integrates with SIEM solutions
  • Enterprise-grade security of Intel® SGX

Globally available service, multi-region deployment with atleast 99.9 SLA

The service currently operates from 15 data centers around the world, giving you the freedom to select the global footprint that best matches your requirements.

map