Filesystem Encryption

Download Solution Brief

file encryption hero

Keep individual files and folders safe

Every day, the news is filled with reports about new data breaches that have led to loss of customer trust, legal consequences, and financial setbacks. Organizations are always looking to bolster the security of their business-critical data. Full disk encryption is no longer deemed as a sufficient practice, and both technology and business leaders want to ensure that individual files or folders, installed on various filesystems, can be accessed only by authorized and privileged users. Filesystem encryption is a proven approach that not only adds an additional level of data security, but also for separation of duties between data owners and system administrators.

The biggest challenge that organizations face when choosing to encrypt individual filesystems is management of the encryption keys. With each filesystem having its own encryption key, key sprawl becomes a reality and can easily get out of hand. How those keys are stored is of paramount importance as well-- encryption keys are attractive targets for hackers. Poorly managed and stored keys increase cyber vulnerabilities and exacerbates the data security challenges organizations face.

Key Benefits

Uplevel data security

Uplevel data security

Seamlessly set up and manage agents to encrypt individual filesystems mounted on host machines.
Control access policies

Control access policies

Apply granular decryption policies to allow only authorized users and processes to access plain text data.
Manage key efficiently

Manage key efficiently

Centralize key management, enforce enterprise-grade security, and prevent key deletion with quorum approvals

Relentless encryption practice


Fortanix Filesystem Encryption allows you to go beyond full disk encryption and protect individual filesystems mounted on a specified host. You now can apply fine-grained access controls and manage encryption keys efficiently at scale to better defend against malicious actors and maintain regulatory compliance.

The Fortanix Difference


Unified data security platform that secures data across hybrid multicloud environments.


Natively integrated FIPS 140-2 Level 3 HSM, available as SaaS or on-premises.


Key Features

  • Scalable agent deployments, based on Open Policy Agent specification, with no kernel dependencies
  • Central control of and visibility into key management operations with enterprise level access controls and single sign-on support.
  • Full key lifecycle management to generate, rotate, and delete encryption keys and adhere to security best practices.
  • Quorum Approvals provide added security measures to prevent accidental key deletion or unauthorized filesystem mounts.
  • Secure key store in FIPS 140-2 Level 3 HSM, available as SaaS or on-premises.
  • Fine-grain policy-driven access controls restrict access to plain text data solely to authorized users and processes.
  • Audit logs for both key management and policy enforcement.

About Fortanix

Fortanix is a global leader in data security. We prioritize data exposure management, as traditional perimeter-defense measures leave your data vulnerable to malicious threats in hybrid multicloud environments. Our unified data security platform makes it simple to discover, assess, and remediate data exposure risks, whether it’s to enable a Zero Trust enterprise or to prepare for the post-quantum computing era. We empower enterprises worldwide to maintain the privacy and compliance of their most sensitive and regulated data, wherever it may be.For more information, visit

Banner Background

Ready to Test Fortanix Runtime Encryption?

request a demo
dsm laptop Image