Fortanix Awarded FIPS 140-2 Level 3 Certification Enabling Businesses to Replace Legacy Encryption Hardware with a Modern Encryption Technology

Fortanix® Inc., the Runtime Encryption® company, today announced that the Fortanix Self-Defending Key Management Service™ (SDKMS) has earned the Federal Information Processing Standard (FIPS) 140-2 Level 3 certification from the National Institute of Standards and Technology (NIST), which is part of the U.S. Department of Commerce. This achievement enables businesses to replace legacy encryption technologies, including Hardware Security Modules (HSMs), with the Fortanix SDKMS encryption platform for protecting the most sensitive data in the U.S. Government, technology, financial services and healthcare industries.

For decades, businesses in highly regulated industries have been locked into HSM appliances that are costly to operate, difficult to scale and lack the modern RESTful programming interfaces required by application developers to quickly bring new applications to market and migrate them to the public cloud. With Fortanix SDKMS, businesses can lower their operating costs up to 70 percent, scale across multi-site and multi-cloud environments, and accelerate application development through modern cryptographic services.

“Now with FIPS Level 3 certification, the Fortanix encryption platform provides the same security and encryption standards as HSMs, and can even leverage investments in existing HSM hardware, while providing an encryption platform for the 21st century,” said Ambuj Kumar, Co-Founder and CEO of Fortanix. “This certification will extend the value and unique benefits delivered by Fortanix to new customers and use cases in the U.S. Government, financial services and healthcare.”

As part of the certification, Fortanix passed strict government requirements for Level 3 certifications, validating the Fortanix SDKMS cryptographic protections and ability to maintain the confidentiality and integrity of protected information. Customers in the U.S. Government, financial services, healthcare and other regulated industries have specific private data such as passwords and PIN numbers that must be encrypted using FIPS 140-2 Level 3 certified cryptographic modules.

Additional Resources

• NIST Cryptographic Module Validation #3545
• Fortanix SDKMS Appliance FIPS 140-2 Level 3 Non-Proprietary Security Policy

About Fortanix

Fortanix’s mission is to solve cloud security and privacy challenges. Fortanix allows customers to securely operate even the most sensitive applications without having to trust the cloud. Fortanix provides unique deterministic security by encrypting applications and data everywhere – at rest, in motion, and in use with its Runtime Encryption® technology built upon Intel® SGX. Fortanix secures F100 customers worldwide and powers IBM Data Shield and Equinix SmartKey™ HSM-as-a-service. Fortanix is venture backed and headquartered in Mountain View, Calif.