The Securities and Exchange Board of India (SEBI) framework for cloud services adoption

The new SEBI framework now requires data security measures like HSMs, Key Management, and encrypting data in use. With Fortanix, organizations get a single, unified platform to implement and audit all the mandated data security capabilities with single pane management.

Overview

The Securities and Exchange Board of India (SEBI) announced a new framework for the Adoption of Cloud Services by SEBI Regulated Entities (REs) on Mar 6, 2023. The new framework requires regulated entities to: 

  • Compulsorily use Hardware Security Modules (HSM) and Key Management Systems (KMS) to store encryption keys and to secure cloud data effectively.
  • Ensure "In-use" data protection through encryption.
  • Retain control of keys when using cloud services, using either Bring-Your-Own-Key (BYOK) or Bring-Your-Own-Encryption (BYOE) approaches.
SEBi Framework for Cloud Services Adoption Overview

How can Fortanix help?

As you shift your applications to new infrastructures, you need a solution that can protect all your data on-premises and in the cloud. The Fortanix Data Security Manager (DSM) platform delivers unified HSM, Key Management, Encryption, and Tokenization solutions for your hybrid and cloud-native applications. It is DevOps/SecOps friendly, easy to use, and enables customers to centrally implement and manage multiple data security capabilities from a single console.

Customers can choose the flexibility of a SaaS platform, or opt for a virtual or physical appliance. Powered by Confidential Computing technology using Intel® SGX secure enclaves, data always remains secure, whether it is at rest, in transit, or in use.

dsm architecture

Core capabilities

keys inside SaaS-delivered HSMs with FIPS 140-2 Level 3 validation

Secure encryption keys inside SaaS-delivered HSMs with FIPS 140-2 Level 3 validation

Fortanix DSM provides integrated HSMs—with the option to deploy them on-premises or leverage the industry’s first HSM-as-a-Service. The Fortanix HSM Gateway consolidates key and HSM management from legacy 3rd party HSMs and Cloud HSMs.
Learn More
Full key lifecycle management with Key Management Service

Full key lifecycle management with Key Management Service

Key Management Service (KMS) with HSM-grade security allows organizations to securely generate, store, and use crypto keys, certificates, and other secrets. It provides control and visibility into your key management operations using a centralized web-based UI with granular role-based access controls and single sign-on support.
Learn More
Bring-Your-Own Key/Bring-Your-Own-KMS (BYOK/BYOKMS) ensures full control over cloud keys

Bring-Your-Own Key/Bring-Your-Own-KMS (BYOK/BYOKMS) ensures full control over cloud keys

With Bring Your Own Key (BYOK), Fortanix enables customers to bring or import their own master keys. BYOKMS gives organizations back key ownership; the master keys can be disabled or deleted so the cloud provider cannot decrypt the data anymore. This kill-switch functionality lets customers meet the most stringent data privacy and security requirements.
Learn More
External key management (EKM) for Google cloud/External key store (XKS) for AWS

External key management (EKM) for Google cloud/External key store (XKS) for AWS

Fortanix partnered with Google Cloud and AWS to enable organizations with the ability to manage cloud keys externally outside the cloud. With this mechanism, you can protect the data at rest by using encryption keys that are stored and managed by a third-party key management system (KMS) outside the cloud, meet privacy requirements and ensure enhanced security for your cloud data. 
Learn More
Encrypt data in use with Confidential Computing

Encrypt data in use with Confidential Computing

Confidential computing protects data and applications by running them in secure enclaves that isolate the data and code to prevent unauthorized access, even when the compute infrastructure is compromised. Intel® SGX technology is a leading implementation of Confidential Computing. Using Intel® SGX allows organizations to isolate the software and data from the underlying infrastructure (hardware or OS) by means of hardware-level encryption.
Learn More

Why Fortanix?

Unified Platform For Data Security

Unified Platform For Data Security

A centralized SaaS solution to simplify and strengthen data security across hybrid and multicloud environments.
Highly Secure

Highly Secure

Granular access control, including quorum approval, for keys and certificates, which stay safe in FIPS 140-2 Level 3 HSMs.
Built For Cloud-Scale And Resiliency

Built For Cloud-Scale And Resiliency

Fortanix provides automated load-balancing, disaster recovery, and high availability. Cloud Data Control can be deployed globally for multi-cloud environments.
Tamper-Proof Audit Logging

Tamper-Proof Audit Logging

The centralized platform provides extensive key provenance capabilities, which can be securely exported to a centralized logging or SIEM solution.
newsletter

Want to know more?
Talk to our data security experts now!

contact sales
cc laptop new