Fortanix and IBM partner on Runtime Encryption to bolster Trust in Cloud Computing with the launch of Intel® SGX based IBM Cloud Data Guard preview

With everything cloud has to offer, its true potential is held back as organizations continue to balance benefits vs risk, especially for sensitive data and workloads. Encryption is an effective control used in the cloud to protect data at rest and data in motion. However, once an application runs, it is vulnerable to a variety of attacks, including malicious insiders, root users, hackers exploiting OS zero-day bugs, and network intruders. The holy grail of security has been to offer deterministic security to applications regardless of how the attacks originate. Today marks significant progress towards realizing that vision.

Partnership with IBM to Further our Runtime Encryption Vision

Fortanix is pleased to collaborate with IBM to offer an early access of the IBM Cloud Data Guard preview that firmly tips the balance in favor of cloud. IBM Cloud Data Guard offers applications the protection of data in use and is powered by Fortanix’s Runtime Encryption platform. Runtime Encryption enables a fundamentally new level of security and privacy allowing organizations with highly sensitive data to operate in the public cloud. The Fortanix technology uses Intel® Software Guard Extensions (Intel® SGX) to enable general purpose computation on encrypted data without ever exposing plaintext application code or data to the operating system or any other running process. Intel® SGX makes this protection possible through protected regions of memory called enclaves. Fortanix technology transparently protects applications by creating a portable security envelope to run applications in completely protected states. IBM’s powerful cloud infrastructure now includes Intel SGX-capable servers, making it much more secure down to the core.

Runtime Encryption

Fortanix already uses Runtime Encryption technology for its HSM and key management product to protect keys and cryptographic operations. With the IBM partnership, Runtime Encryption technology can now be used for a wide range of applications across many industries including financial services, public sector, health care, technology, manufacturing / IoT, and others where data privacy and confidentiality are of utmost importance. Beyond facilitating cloud adoption and providing unparalleled protection of sensitive data, the biggest benefit of this partnership will come from enabling new levels of trust, collaboration and business workflows across previously siloed datasets. Novel use cases include the ability to run database queries against sensitive encrypted financial records or the ability to train and execute machine learning models based on intellectual property in a protected state against sensitive encrypted healthcare data or IoT sensor data.

Platform to Protect your Apps and Data in use

IBM Cloud Data Guard preview provides you with access to Intel SGX-enabled infrastructure in the IBM Cloud, a catalog of “out of the box” protected applications and services to protect your existing applications unmodified or easily build new protected applications.

IBM Cloud Data Guard, powered by Fortanix Runtime Encryption platform, transparently protects applications and eliminates developer burden whether you have an existing application or are developing a new application. The Fortanix platform provides a broad set of services including signing, remote attestation, secure orchestration, packaging and delivery, SGX software development kit (SDK), integration and trust across distributed systems that significantly accelerate your efforts to protect cloud-scale applications. Fortanix enables portable applications that can run anywhere and are automatically protected when running on Intel SGX-based infrastructure. With its initial focus on enabling containerized applications that integrate seamlessly with Kubernetes, the Fortanix platform is purpose built to protect cloud-native applications.

Platform to Protect your Apps and Data in use

IBM Cloud Data Guard supports flexible approaches to protect applications and data in use:

  • Featured Apps: Commonly used applications such as Key Management, Databases, Web Servers, Build Servers, Directory Servers, etc., are available protected out of the box.
  • Bring your own App: Our goal is to help you protect any application with initial focus on containerized Linux applications.

  • Build your own App: Our goal is to provide a toolkit with high-level primitives that eliminate the developer burden and complexity typically associated with developing applications for protected execution environments.

“Intel applauds IBM’s focus on providing increased security for cloud applications”, said Jim Gordon, general manager of Platform Security Development at Intel Corporation. “We are excited about the collaboration between IBM and Fortanix, which utilizes Intel® SGX to increase the security posture for end-users applications in the cloud.”

Sign-up for the Early Access Program of IBM Cloud Data Guard

To protect your application’s data in use with the Fortanix Runtime Encryption platform, sign-up for the early access program of IBM Cloud Data Guard. Join the Runtime Encryption revolution!

Share this post:

Get our blog updates in your inbox: