Bring Your
Own Key (BYOK)

With Bring Your Own Key (BYOK), Fortanix enables customers to bring or import their own master keys. This gives organizations greater control; the master keys can be disabled or deleted so the cloud provider cannot decrypt the data anymore. This kill-switch functionality lets customers meet the most stringent privacy requirements.

start your free trial Contact Us

bring your own key

The Challenge

Cloud adoption numbers are only looking upward. IDC expects cloud infrastructure spending to outgrow the non-cloud segment in 2023 already, reaching $134 billion in 2026, accounting for 67.9% of total compute and storage infrastructure spend.

However, cloud platforms don’t provide the full control organizations were used to with traditional data centers. Organizations must trust the cloud provider to keep their data and encryption keys secure, which is not in line with security best practices (zero trust) and goes against data privacy regulations such as the GDPR. This lack of confidence in the data protection of the public cloud limits organizations from moving workloads to the cloud and has them looking for increased control of their encryption keys, and their data.

byok challenge

Fortanix Solution

With Fortanix Data Security Manager, customers can generate their own keys and bring them to cloud applications/workloads, whether it’s on Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, or Salesforce. With Bring Your Own Key (BYOK), Fortanix enables customers to bring or import their own master key, which the cloud provider stores in their key management system (KMS) and uses it to encrypt all Data Encryption Keys (DEKs) used in the cloud. This gives organizations greater control; the master keys can be disabled or deleted so the cloud provider cannot decrypt the data anymore. This kill switch functionality lets customers meet the most stringent privacy requirements.

BYOK solution

Benefits

Centralized Key Control

With Fortanix, customers get a centralized management solution to manage encryption keys and share them with the cloud provider’s KMS. This allows customers to retain ownership of the master key material and have greater control over the data stored in the cloud.

Centralized Key Control

Simplified Data Security

The Fortanix DSM platform provides additional security solutions such as state-of-the-art encryption, key management, and tokenization that can be managed from a single integrated platform.

Simplified Data Security

Accelerate Audits

As a centralized key management solution, Fortanix enables organizations to track and audit how keys are used, anywhere in their infrastructure. Fortanix DSM lets customers define and enforce data access policies from a single location, to reduce risk, and simplify audits.

Accelerate Audits

The Fortanix Difference

Unified Platform for Data Security

A centralized SaaS solution to simplify and strengthen data security across hybrid and multicloud environments.

DevOps Ready

Fortanix DSM easily integrates into automation workflows with REST API support.

Highly Secure

Granular access control, including quorum approval, for keys and certificates which stay safe in FIPS 140-2 Level 3 HSMs.

Resources

Here are some of latest news, blogs, resources, events, and more

Fortanix AWS BYOK

DATASHEET

Fortanix AWS BYOK

Download Datasheet

Fortanix External Key Control and Management for Google Cloud Platform (GCP)

DATASHEET

Fortanix External Key Control and Management for Google Cloud Platform (GCP) - Datasheet

Download Datasheet

Fortanix Key Management

SOLUTION BRIEF

Fortanix Key Management

Download Solution Brief

Ready to Start?

Start your free trial today!

As of August 2023

4.6