Key Management

Fortanix Self-Defending Key Management Service (KMS) provides unified management of keys, encryption, tokenization, and secrets management across multi-cloud infrastructures. Flexible deployment options with Software, SaaS and FIPS 140-2 level 3 HSM appliance.

Overview

The volume of data stored on the public cloud is growing exponentially. With this growth, the challenges of data security, regulatory compliance and the risk of data breaches grow. Cloud-native encryption relies on the cloud platform provider to secure data. Under this approach, cloud providers generate and own the data encryption keys directly to encrypt the data-at rest in cloud. With this approach, customers do not get control over the cloud keys.

Fortanix allows businesses to retain control and management of encryption keys with centralized management, consistent access control policy and centralized audit logs. With Bring your own key management service (BYOKMS) customers can also store cloud keys externally to help meet most stringent compliance requirements.
KMS Overview Image

What we do

Full Key Lifecycle Management
Full Key Lifecycle Management
Fortanix delivers full key lifecycle management as a service to ensure secure and consistent key management across on-premises and multicloud environments, including bring your own key (BYOK) and bring your own key management service (BYOKMS).
External Key Manager
External Key Manager (Bring your own key management service)
Fortanix has partnered with GCP to create Google Cloud External Key Manager (EKM), the first solution to enable customers to bring their own key management system. Fortanix generates and stores encryption keys in customer datacenters with a single point of management and auditability. Other cloud providers do not currently support BYOKMS.
Integrated Data Security Platform
Integrated Data Security Platform
Fortanix provides a Data Security as a Service (DSaaS) platform with integrated hardware security module (HSM), key management, encryption, shared secrets, and tokenization capabilities.

Benefits

Centrally manage your crypto keys

Fortanix Self-Defending KMS provides control of and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support. Securely generate, store, and use crypto keys, certificates, secrets, passwords, API Keys, tokens etc. Fortanix is built to scale horizontally and geographically, with automated load balancing, fault tolerance, disaster recovery and high availability. Business critical apps can integrate using traditional crypto interfaces or restful APIs. HSM grade security and Tamper proof audit logs helps with compliance.

Centrally manage your crypto keys

Single solution for Multi-Cloud 

Fortanix Self-Defending KMS enables you to make a secure transition to multi cloud. It offers the ease of use of cloud management, HSM grade security, FIPS 140-2 level 3 protection for all keys, allowing organizations to adopt BYOK, meet cloud security, compliance requirements and resist cloud provider lock-in.

Single solution for Multi-Cloud 

DevOps and Cloud Friendly APIs

Fortanix Self-Defending KMS supports extensive RESTful APIs, PKCS#11, KMIP, JCE, Microsoft CAPI, and Microsoft CNG. Easily support all existing and new applications, whether operating in public, private, or hybrid cloud. Out of the box connectors with no additional license costs.

DevOps and Cloud Friendly APIs
paypal video
quote iconWhen you move to the cloud, you lose that control...
So the Fortanix solution brings an ability to control the keys externally. You can turn the keys off, turn them on– they are totally under your control. The other advantage is with PayPal’s requirements is it actually enables new business use cases to go to the cloud.
quote icon