Fortanix, a leader in Runtime Encryption®, and a Finalist in the 2018 ‘ASTORS’ Awards Program, is partnering with Alibaba Cloud, the cloud computing arm of Alibaba Group, to integrate its Self-Defending Key Management Service™ (SDKMS) with the Alibaba Cloud platform, introducing new levels of security and privacy with cloud Runtime Encryption key management.
Alibaba Cloud® launched it’s commercial Intel® Software Guard Extensions (Intel® SGX)-powered cloud servers as Elastic Compute Service (ECS) bare metal instances in April, and working with Fortanix, customers can now keep their most precious applications secure with new levels of security and privacy for encryption keys in the cloud.
This new partnership enables secure cloud adoption for even the most sensitive workloads by allowing prospects to securely adopt the cloud with unmatched privacy for their encryption keys offered by Fortanix SDKMS.
“Fortanix is delighted to partner with Alibaba Cloud,” said Anand Kashyap, co-founder and CTO of Fortanix.
“Multiple customers have asked us about best practices for securing their sensitive digital assets while operating overseas.”
“Intel SGX offers an incredible level of security by removing the cloud provider and infrastructure entirely from the trust boundary.”
“This partnership follows our strategy of ensuring Fortanix Runtime Encryption technology and Intel SGX are available in more clouds and in more regions.”
This partnership enhances SDKMS consumption options and marks an important milestone for Fortanix in making SDKMS accessible to customers of large public cloud.
(What is Self-Defending Application? A New Paradigm in Security Innovation. Fortanix Self-Defending Key Management System (SDKMS) is a key management solution offered as an on-demand cloud service that enables you to secure and monitor every business-critical application with a few clicks. No longer are you bound by bulky HSMs, capacity planning, and operational overhead of managing a large number of appliances. Courtesy of Fortanix and Vimeo.)
Fortanix’s Self-Defending Key Management Service™(SDKMS)
Fortanix has created Self-Defending Key Management Service ™ (SDKMS), as a solution that provides combined Hardware Security Module (HSM) and Key Management capabilities with software-defined flexibility and a scale-out architecture for modern cloud applications.
The Fortanix Self-Defending Key Management Service (SDKMS) is the world’s first cloud solution secured with Intel SGX.
With SDKMS, users can securely generate, store and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any ‘blob’ of data.
Fortanix has gained strong traction within information security organizations. The Self-Defending Key Management Service (SDKMS), already counts organizations such as Intel, IBM, and Equinix among our customers and partners.
SDKMS provides impenetrable security to your keys and secrets.
Secured with Intel® SGX and built using Fortanix’s patented Runtime Encryption Technology, SDKMS ensures that you remain in complete control over your keys and secrets.
Comprehensive audit logs provide you with insight into how secrets are being used, and help you meet compliance.
Furthermore, SDKMS delivers a plugin features that enables crypto-agility and extensibility for organizations.
Multiple integrations with cloud providers such as Google, AWS, Azure and ubiquity of interfaces including developer friendly RESTful APIs enable wide range of use cases.
SDKMS allows organizations to generate, distribute, and control keys for payment applications, database encryption, public-key infrastructure (PKI), IoT devices, containers, virtualized environments and more.
Additionally, SDKMS delivers unmatched security and availability for Blockchain private keys including support for powerful yet easy to use policies for multi-sig with quorum approval, and strong access control.
Centralized management capabilities enable enterprise wide key management policy with unparalleled simplicity.
Fortanix SDKMS can be consumed as a SaaS, dedicated managed tenant or on-premises appliance depending on your business, compliance or operational requirements.
SDKMS is available as an on-premise appliance or as a hosted SaaS offering with predictable pricing.
The company’s on-premises pricing is based on the number of appliances and their SaaS is offered with tier-based pricing, enabling customers to get all the features, cryptographic algorithms, connectors, scalability, and high-availability.
In contrast, incumbent HSMs have an unpredictable cost of ownership.
SDKMS provides control of and visibility into your key management operations using a centralized web-based UI with role-based access control and single sign-on support.
SDKMS supports quorum approval for multi-signatures, per key geo-fencing for compliance with regulations such as GDPR, and a centralized tamper proof audit log.
Your business-critical applications and containers can integrate with SDKMS using traditional cryptographic interfaces (PKCS#11, KMIP and more) or its native RESTful interface.
Encryption secures data at rest with the use of storage encryption and secures data in motion with TLS/SSL. However, once the application starts to run, it’s vulnerable to a variety of attacks including malicious insiders, root users, credential compromise, network intruders, etc.
Most security solutions try to address runtime vulnerabilities using isolation and detection. However, the complexity of compute infrastructure and vastness of attack surface makes these solutions ineffective.
(Learn More about the Benefits of Runtime Encryption for Artificial Intelligence and Machine Learning. Courtesy of Fortanix and YouTube.)
With the increased sophistication of attackers and as recent events have shown, attacks using unauthorized reads to memory are now in the open and must be protected against especially for highly sensitive data and applications.
SDKMS is built to scale horizontally and geographically as your demand for managing your keys and secrets increase.
This is ensured while providing automated load-balancing, fault-tolerance, disaster recovery, and high availability. SDKMS can be deployed globally and for hybrid or multi-cloud environments.
To ensure a secure transition, many of them are rethinking data protection, encryption and key management controls.
However, the options they traditionally had were either designed before the cloud era, and are unable to serve distributed environments, or alternatively there are software based meaning they’re easy to use and agile, however do not offer the protection of hardware security modules or HSMs.
As a result, enterprises end up making compromises between security, simplicity and scalability.
(Hear from Joakim Öhman, Elastx CEO, speaking about Fortanix SDKMS and how it helps Elastx to serve their customers better. Courtesy of Fortanix and YouTube)
Organizations are increasingly adopting a hybrid or multi-cloud strategy and those with sensitive business or regulatory data such as in financial services, healthcare and government agencies are reluctant to store their crown jewels on untrusted shared infrastructure for risk of data loss.
Fortanix SDKMS uniquely delivers key management and cryptography services to any environment, any cloud while ensuring the customer remains in complete control of their keys and data.
Customers use SDKMS to encrypt their databases (Oracle, Microsoft SQL server, MongoDB, etc.), run their certificate authority, manage their cloud secrets, and encrypt their VMware vSAN clusters.
SDKMS is a FIPS 140-2 validated solution that can meet various compliance requirements, such as GDPR and PCI.
Fortanix at a Glance
Fortanix delivers provable deterministic security to organizations by offering the industry’s only Runtime Encryption.
It has been selected by leading partners, including to power Equinix SmartKey™ HSM-as-a-service and by IBM Cloud.
While today’s encryption technologies protect only data at rest and data in motion, Runtime Encryption keeps keys, data and applications completely protected while in use from external and internal threats, including insiders, cloud providers, government subpoena, OS-level attacks, and network intruders.
Fortanix Named a Finalist in 2018 ‘ASTORS’ Homeland Security Awards Program
AST focuses on Homeland Security and Public Safety Breaking News, the Newest Initiatives and Hottest Technologies in Physical & IT Security, essential to meeting today’s growing security challenges.
The 2018 ‘ASTORS’ Homeland Security Awards Program, is organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, Border Security, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.
As an ‘ASTORS’ competitor, Fortanix SDKMS is competing against the industry’s leading providers of Innovative Encryption Solutions.
To Learn More about the ‘ASTORS’ Homeland Security Awards Program, see 2017 ‘ASTORS’ Homeland Security Award Winners Honored at ISC East.
Over 100 distinguished guests from National, State and Local Governments, and Industry Leading Corporate Executives from companies allied to Government, gathered from across North America and the Middle East to be honored from disciplines across the Security Industry in their respective fields which included representatives from:
- The Department of Homeland Security (DHS) Science and Technology Directorate (S&T)
- U.S. Customs and Border Protection
- The Department of Justice
- The Security Exchange Commission
- State and Municipal Law Enforcement Agencies
- The Royal Canadian Mounted Police
- Leaders in Private Security
The highlight of the 2018 AST Homeland Security Awards Season will be the 2018 ‘ASTORS’ Awards Presentation Luncheon to honor Nominees, Finalists and Winners on November 14, 2018 at ISC East 2018 at the Jacob Javits Exhibition Center in New York City.
Join us in Recognizing these Industry-Leading Firms for their Outstanding Product Development Achievements, Exciting New Technologies and Innovative Education Programs to address the growing Homeland Security Threats our Nation is facing.
Take advantage of this exclusive luncheon opportunity to Invite your Guests, Clients and Show Visitors to a lovely & affordable plated meal event in the heart of New York City, for a Fabulous Networking Opportunity!
ISC East is the Northeast’s largest security industry event and your ‘ASTORS’ Awards Luncheon registration includes complimentary attendee access to the show.
Already Exhibiting and/or Attending the 2018 ISC East Conference?
Join us to meet the 2018 ‘ASTORS’ Award Winning Company Executives & Government Agency Representatives.
Register today for the ‘ASTORS’ Homeland Security Awards Luncheon on November 14th, in New York City and give yourself & your clients a break from the show!
Gourmet luncheon choices available per person, or reserve a table – make an Impression on your Guests and Receive an Exclusive Discount Opportunity.