Fortanix® Inc., the Runtime Encryption® company, today announced it is an inaugural member of the newly formed Confidential Computing Consortium, an organization created by the Linux Foundation dedicated to accelerating the adoption of confidential computing. Fortanix is joining some of its key long-standing partners to apply its real-world expertise of three years of shipping confidential computing solutions to further the standardization of data-in-use protection.
As the first to deliver confidential computing solutions based on Intel® Software Guard Extensions (Intel® SGX) technology three years ago, Fortanix laid the foundation for what today is called confidential computing. Runtime Encryption® has enabled a fundamentally new level of security and privacy, allowing organizations with highly sensitive data to operate securely in both public and private clouds.
According to Gartner: “By 2021, 50 percent of enterprises will unknowingly and mistakenly have exposed some IaaS storage services, network segments, applications or APIs directly to the public internet, up from 25 percent at YE18…Confidential computing is the combination of CPU-based hardware technology and CSP VM images and software tools that enable cloud-using organizations to create completely isolated trusted execution environments (called enclaves). Because they offer a form of encryption of data in use, these enclaves render sensitive information invisible to host OSs and cloud provider administrators.” 
Fortanix has built the largest community of customers practicing confidential computing through its Runtime Encryption® Platform, encompassing most of the confidential computing deployments today. Fortanix confidential computing customers protect application data for payments, databases, artificial intelligence/machine learning, blockchain, bitcoin crypto wallets, manufacturing, and IoT home control devices.
Today, data is encrypted at rest and in transit, but not while in use by applications. This gap in protection leaves valuable data exposed to threats that can gain access to applications while running unprotected. Fortanix technology automatically encrypts information at rest, in transit and during use, to provide end-to-end protection of sensitive data. With Runtime Encryption®, organizations can run sensitive workloads in the cloud while remaining completely protected, even if the infrastructure is compromised.
The Confidential Computing Consortium is the first industry-wide initiative to address data-in-use protection, as current security approaches largely focus on data at rest or data in transit. The focus of the Confidential Computing Consortium is especially important as companies move more of their workloads to span multiple environments, from on premises to public cloud and to the edge.
“The work of the Confidential Computing Consortium to standardize data-in-use security will be important in furthering the industry’s continued migration to the cloud, while helping to curb the rise in data breaches,” said Ambuj Kumar, Co-Founder and CEO of Fortanix. “By joining with some of our long-standing partners, and other industry leaders in the Confidential Computing Consortium, we will increase the awareness and adoption of technology that protects data while in use. We look forward to lending our expertise garnered from three years of confidential computing deployments to the group’s standardization efforts.”
Note 1 – Gartner, Inc., How to Make Cloud More Secure Than Your Own Data Center, by Neil MacDonald and Tom Croll. Oct. 9, 2019
Fortanix’s mission is to solve cloud security and privacy challenges. Fortanix allows customers to securely operate even the most sensitive applications without having to trust the cloud. Fortanix provides unique deterministic security by encrypting applications and data everywhere – at rest, in motion, and in use with its Runtime Encryption® technology built upon Intel® SGX. Fortanix secures F100 customers worldwide and powers IBM Data Shield and Equinix SmartKey™ HSM-as-a-service. Fortanix is venture backed and headquartered in Mountain View, Calif. For more information, see https://fortanix.com/.
- Confidential Computing Consortium Press Release
- Runtime Encryption Community Slack Channel
- Video (1:08): Fortanix and Intel Software Guard Extensions (SGX)
Fortanix and Runtime Encryption are registered trademarks of Fortanix, Inc. Self-Defending Key Management Service is a trademark of Fortanix, Inc. All other marks and names mentioned herein may be trademarks of their respective companies.
FIPS 140-1 and FIPS 140-2 TM: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments