However, cloud platforms don’t provide the full control organizations were used to with traditional data centers. Organizations must trust the cloud provider to keep their data and encryption keys secure, which is not in line with security best practices (zero trust) and goes against data privacy regulations such as the GDPR. This lack of confidence in the data protection of the public cloud limits organizations from moving workloads to the cloud and has them looking for increased control of their encryption keys, and their data.
With Fortanix Data Security Manager, customers can generate their own keys and bring them to cloud applications/workloads, whether it’s on Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, or Salesforce. With Bring Your Own Key (BYOK), Fortanix enables customers to bring or import their own master key, which the cloud provider stores in their key management system (KMS) and uses it to encrypt all Data Encryption Keys (DEKs) used in the cloud. This gives organizations greater control; the master keys can be disabled or deleted so the cloud provider cannot decrypt the data anymore. This kill switch functionality lets customers meet the most stringent privacy requirements.
Centralized Key Control
With Fortanix, customers get a centralized management solution to manage encryption keys and share them with the cloud provider’s KMS. This allows customers to retain ownership of the master key material and have greater control over the data stored in the cloud.
Simplified Data Security
The Fortanix DSM platform provides additional security solutions such as state-of-the-art encryption, key management, and tokenization that can be managed from a single integrated platform.
As a centralized key management solution, Fortanix enables organizations to track and audit how keys are used, anywhere in their infrastructure. Fortanix DSM lets customers define and enforce data access policies from a single location, to reduce risk, and simplify audits.