Blackbaud Strengthens Data Security and Compliance with Fortanix Key Insight

Customer Profile

Blackbaud, a leader in software and services for social good, serves a range of organizations, including nonprofits, educational institutions, and healthcare facilities. The customer has its presence across multiple public and private cloud environments, primarily AWS, Azure, and on-premises datacenters.    

USE CASE

KMS, HSM

INDUSTRY

Software

PRODUCTS

Requirements

Requirements

The customer was looking to improve data security and started with three related initiatives.

Key Sprawl: Managing thousands of encryption keys across diverse environments, including public and private clouds, had created complexity. This resulted in challenges in ensuring proper key usage, rotation, and deletion.
Manual Inventory and Reporting: Prior to implementing an automated solution, Blackbaud required an estimated 972 hours annually to compile encryption key metadata for their 27 products.
Regulatory Compliance: Blackbaud must comply with SOC, PCI-DSS, and internal standards, so they require constant key assessment, which manual processes cannot fully support.

Fortanix Solutions

To address complex encryption and key management challenges, Fortanix offered Key Insight, a comprehensive key management and inventory tool that provides visibility and simplifies security controls across multicloud and on-premises environments.

Automated Key Discovery: Fortanix Key Insight streamlined Blackbaud’s encryption key tracking across Azure, AWS, and on-premises environments. It centralized visibility, automating key discovery and usage tracking while eliminating reliance on manual scripts.
The tool identified unused or insecure keys, generating automated reports on key locations, types, and metadata. This saved time, reduced errors, and improved security by replacing manual updates.
Hardware Security Module (HSM): Fortanix Key Insight assessed Blackbaud’s encryption keys for security and compliance, ensuring alignment with NIST standards. It flagged weak keys, outdated cryptography, and quantum computing risks.
It also detected shared keys across multiple services, a security vulnerability, and helped Blackbaud fix them. By tracking key rotation and usage, it ensured encryption policies were followed.
Integration with Existing Environments and No-Agent Deployment: Fortanix Key Insight seamlessly integrated into Blackbaud’s infrastructure without requiring database installations. A single scanner agent securely connected on-premises data to the Fortanix cloud, transferring only metadata.
The tool provided read-only access to AWS and Azure, identifying keys across accounts without modifying firewall settings. This improved security and visibility with minimal disruption.
Quantum-Readiness and Advanced Key Policy Controls Fortanix Key Insight prepared Blackbaud for quantum threats by identifying vulnerable keys. Blackbaud also enforced key rotation and deprecation policies with Fortanix Data Security Manager. It provided a clear view of access permissions, helping Blackbaud tighten overly permissive policies and strengthen encryption security.