Introducing IBM Cloud Data Shield powered by Fortanix Runtime Encryption®

IBM Cloud Data Shield, powered by Fortanix, provides runtime memory encryption for applications to protect data in use, leveraging Intel® SGX. Cloud Data Shield transforms containerized applications to protect sensitive data in the cloud.

Enclave Development Platform

The Fortanix Enclave Development Platform (EDP) is the preferred way to write Intel® SGX enclaves from scratch.

Runtime Encryption® – A New Paradigm in Security

Fortanix® Runtime Encryption® Platform protects applications even when the infrastructure is compromised. Runtime Encryption® keeps applications encrypted even when running. Fortanix uses Intel® SGX and creates a portable security core that runs signed applications in completely protected states.

Equinix SmartKey powered by Fortanix – HSM as a Service

Powered by Fortanix, Equinix SmartKey™ is a SaaS-based secure key management and cryptography service which protects data in public, private, hybrid or multicloud environments.

Self-Defending Key Management Service (SDKMS)

Fortanix SDKMS™ is the world’s first key management solution that provides HSM-grade security with software-like flexibility. Secured with Intel® SGX and built for modern cloud-scale applications, SDKMS offers centralized management, REST APIs alongside traditional interfaces, and more!

Our Mission

We believe that security should be deterministic. Traditionally, encryption has secured data at rest and in motion, leaving it vulnerable in use. We use Runtime Encryption® to protect data in use, providing complete security protection throughout the lifecycle of the data.

The Problem

When it comes to protecting your data, encryption is one of the most popular and effective controls. But the data must be encrypted at each step of its lifecycle.

Data at rest

Encryption of data at rest protects data when stored in digital forms on persistent media. This is typically solved by transparent data encryption or self-encrypting drives.

Data in motion

Encryption of data in motion protects data when it’s being transported. This is typically solved by Transport Layer Security (TLS/SSL) or VPN tunnels.

Runtime / Data in use?

Once the application starts to run, data in use by the CPU and memory is vulnerable to a variety of threats, including malicious insiders, root users, credential compromise, OS zero-days, network intruders, and others.

Current solutions try to address this runtime vulnerability using isolation and detection. But complete protection remains elusive given the ever-increasing complexity of infrastructure and breadth of attack surface.

Fortanix Approach

Runtime Encryption®

A new approach is required to protect the runtime environment. The approach must assume compromise and encrypt like everyone is watching! We call this approach Runtime Encryption®. Runtime Encryption® is a class of security solutions that keeps data encrypted even when in use by applications.

Fortanix created a Runtime Encryption® platform that enables your application to process and work with encrypted data. Fortanix uses Intel SGX and creates a portable security envelope that runs signed applications in completely protected states. Fortanix protects applications even if the infrastructure is compromised. Fortanix further provides an HSM and Key Management solution built using this technology.

