Fortanix offers centralized key management, consistent access control policy, and tamper-proof audit logs, proving to be the best key management system that allows organizations to retain full control and management of encryption keys. With Bring Your Own Key management service (BYOKMS), organizations can store ad protect keys outside the cloud and meet the most stringent compliance requirements.
Centrally manage your crypto keys
Fortanix Data Security Manager provides control and visibility into encryption key management operations using a centralized web-based UI with enterprise-level access controls and single sign-on support. Organizations can securely generate, store, and use crypto keys, certificates, secrets, passwords, API Keys, tokens, etc., from a unified platform. Fortanix DSM can scale horizontally and geographically with automated load balancing, fault tolerance, disaster recovery, and high availability.
Single solution for Multi-Cloud
Fortanix Data Security Manager enables organizations to make a secure transition to the cloud and manage data securely between several clouds. The multi-cloud strategy allows an enterprise to avoid vendor lock-in and utilize the best-of-breed solutions of mega-vendors. Organizations can adopt BYOK (Bring-Your-Own-Key) services with FIPS 140-2 level 3 HSM-backed key management services (KMS) to meet regulations such as HIPAA, PII, GDPR, or PCI.
DevOps and Cloud Friendly APIs
Fortanix Cloud Data Control facilitates organizations to integrate their modern business-critical applications and containers using traditional cryptographic interfaces (PKCS#11, KMIP, and more) or its native RESTful interface. The solution supports the authentication of APIs using a system-generated API Key, client TLS certificates, JSON web tokens, or Active Directory credentials.
So the Fortanix solution brings an ability to control the keys externally. You can turn the keys off, turn them on– they are totally under your control. The other advantage is with PayPal’s requirements is it actually enables new business use cases to go to the cloud.