Fortanix for AWS

Secure, manage, and automate AWS KMS Keys with full key lifecycle management across on-premises and multicloud environments. 

video thumb

Overview

Organizations are increasing their data encryption initiatives, with security and privacy regulations such as the GDPR and Schrems II acting as a catalyst. Managing keys across on-premises and multicloud infrastructures at scale introduces significant operational complexity and potential compliance gaps. Fortanix gives AWS users a centralized solution to create, back up, and manage their encryption keys, no matter if data is used on AWS, on-premises, or on another cloud platform. With Fortanix, AWS users get full custody of their root keys and hyper-secure storage on FIPS-140-2 Level 3 certified HSMs.
overview image

What we do

Integrated Data Security Platform
Unified Data Security Platform
Fortanix DSM provides a single-pane-of-glass solution that delivers a wide range of data security services, including encryption, multicloud key management, tokenization, Transparent Data Encryption, and more
Full Key Lifecycle Management
AWS External Key Store (XKS)
Move workloads with privacy-regulated data to the AWS platform with Fortanix Data Security Manager (DSM) as the AWS KMS External Key Store (XKS). DSM is a centralized key manager to segregate your keys from the data in the cloud, helping with security and privacy regulations such as the GDPR and Schrems II.
Support for AWS Nitro Enclaves
Support for AWS Nitro Enclaves
Enterprises can more easily preserve privacy and securely process sensitive data and applications within AWS Nitro Enclaves using Fortanix Data Security Manager and Fortanix Confidential Computing Manager.

Benefits

Get full key control

Fortanix DSM users can bring their own keys (BYOK) into AWS, or fully control key lifecycle by using DSM as an external key store, while decreasing the complexity of compliance and operations across hybrid multicloud infrastructures.

Get full control over keys

Simplify AWS key management

Fortanix helps customers easily manage the lifecycle of all AWS keys. Unique enhancements include the ability to automatically rotate keys in AWS KMS that are copies of the keys on the DSM platform, reducing risk and streamlining operations.

Easily manage AWS key states and operations

Immediate Access Blocking

Fortanix DSM provides a kill-switch functionality so in the event of a detected compromise, administrators can immediately block access to data-at-rest on the AWS platform with just a couple of clicks to change permissions for any, or specific, instances and locations.

Immediate Access Blocking

Manage multicloud keys from a single pane

Fortanix Data Security Manager (DSM) allows you to manage and control multi-cloud keys in a completely cloud-agnostic way. Organizations can keep full custody of their keys in a FIPS 140-2 level 3 certified HSM.

Manage multicloud keys from a single pane

Get centralized control and audit of keys

Fortanix DSM enables organizations to apply uniform enforcement of granular access control policies, including quorum approvals to minimize the risk of high-impacting administrative actions. Centralized control also enables a vantage point for audit logs to track key provenance.

Get centralized control and audit of keys