Overview
Organizations are increasing their data encryption initiatives, with security and privacy regulations such as the GDPR and Schrems II acting as a catalyst. Managing keys across on-premises and multicloud infrastructures at scale introduces significant operational complexity and potential compliance gaps.
Fortanix gives AWS users a centralized solution to create, back up, and manage their encryption keys, no matter if data is used on AWS, on-premises, or on another cloud platform.
With Fortanix, AWS users get full custody of their root keys and hyper-secure storage on FIPS-140-2 Level 3 certified HSMs.
Fortanix Solution
Fortanix DSM serves as an AWS external key store, allowing organizations to migrate data to the cloud while maintaining full control and ownership of their encryption keys. Backed by FIPS 140-2 Level 3 certified HSMs, keys are stored securely and separately from cloud data.
With centralized key lifecycle management across on-premises and cloud environments, Fortanix DSM ensures sole key custody remains with the customer—meaning neither Fortanix nor AWS can access the protected data, even under government subpoenas such as those issued via the CLOUD Act.
Elevate your cloud data security with Fortanix
Now available on AWS Marketplace! Customers can now make use of their AWS commitments and use their registered partners/resellers for the purchase.
Fortanix DSM SaaS
Fortanix DSM SaaS offers Key Management, Encryption, HSM, Secrets Management & Tokenization. The solution supports all use cases and professional services.
Fortanix DSM Virtual Appliance
Consumed as a Private (custom) offer OR public consumption (Hourly billing), the solution supports software specific requirement.
Fortanix Confidential Computing for AWS Nitro
Fortanix Confidential Computing Nitro Enclaves Compute Node Agent is deployed on AWS Nitro EC2 Instance to manage the compute node and applications running in nitro enclaves.
Benefits
Get full key control
Fortanix DSM users can bring their own keys (BYOK) into AWS, or fully control key lifecycle by using DSM as an external key store, while decreasing the complexity of compliance and operations across hybrid multicloud infrastructures.
Simplify AWS key management
Fortanix helps customers easily manage the lifecycle of all AWS keys. Unique enhancements include the ability to automatically rotate keys in AWS KMS that are copies of the keys on the DSM platform, reducing risk and streamlining operations.
Immediate Access Blocking
Fortanix DSM provides a kill-switch functionality so in the event of a detected compromise, administrators can immediately block access to data-at-rest on the AWS platform with just a couple of clicks to change permissions for any, or specific, instances and locations.
Manage multicloud keys from a single pane
Fortanix Data Security Manager (DSM) allows you to manage and control multi-cloud keys in a completely cloud-agnostic way. Organizations can keep full custody of their keys in a FIPS 140-2 level 3 certified HSM.
Get centralized control and audit of keys
Fortanix DSM enables organizations to apply uniform enforcement of granular access control policies, including quorum approvals to minimize the risk of high-impacting administrative actions. Centralized control also enables a vantage point for audit logs to track key provenance.
Resources
