Fortanix External Key Manager pairs with Google Cloud Platform to help users tackle privacy challenges

Fortanix announced that its External Key Manager paired with Google Cloud Platform (GCP) is helping customers in Europe, and around the world, create, store and manage encryption keys outside of the public cloud in a seamless manner.

The capability, delivered as a service, is a part of Fortanix Data Security Manager (DSM), resulting from its partnership with Google. It allows security-conscious customers to derive benefits from the power of Google Cloud Platform and Fortanix’s best-in-class, modern external key management system to comply with strict privacy regulations such as GDPR and Schrems II in Europe, taking a data-first approach to the solution.

Fueling research on sensitive healthcare data

The University of Groningen is a large, prestigious public university in the Netherlands. The university is pioneering behavioral research in populations of people suffering from mental illnesses and brain diseases using their smartphone usage patterns and data. Handling sensitive healthcare data requires a very strong security and privacy posture and entails handling large volumes of sensitive and private healthcare data, which is stored in Google Cloud Platform (GCP).

“We were looking for a vendor selected by Google Cloud as a trusted provider of encryption services that could integrate directly with Google Cloud Platform,” said Raj Jagesar, University of Groningen. “Fortanix met this criterion and stood out as the vendor of choice with the most mature operational dashboard for independent management of keys.” Jagesar continues: “Equally as mature was the modern application programming interface (API) of the solution which enabled us to integrate and deploy Fortanix DSM SaaS in less than a week.”

Fortanix Data Security Manager delivers powerful capabilities including:

  • Multiple key storage and security options: The ability to store and protect encryption keys in the cloud or on-premises with FIPS 140-2 Level 3 HSMs.
  • Kill switch: Fortanix offers a kill switch where an administrator can simply disable the key used and new queries for datasets associated with the Fortanix key are prevented from being accessed.
  • Enforce access policies: Enforce access to data at rest for Google services like BigQuery and Compute Engine.
  • Cloud encryption key backup and disaster recovery: Back up, restore, and re-import master encryption keys for public cloud KMS.
  • Cloud- and DevOps-friendly APIs: All security functions are supported as RESTful APIs for easy integration to cloud-native tools and technologies.
  • Compliance with regulations globally: Helps meet compliance with regulations like GDPR, CCPA, Schrems II, HIPAA etc., and data sovereignty laws around the world.

“Separating keys from data and ensuring that no single entity can compromise this equation is required to meet the highest level of compliance. Europe is at the forefront of regulating and enforcing these requirements to protect privacy. Fortanix’s technology and partnership with the power of Google Cloud Platform helps customers tackle GDPR and Schrems II challenges head-on,” said Faiyaz Shahpurwala, Chief Product and Strategy Officer at Fortanix. “Regions around the world have separate and distinct privacy requirements, and we’re proud to enable our customers with the highest level of compliance in Europe, which has some of the strictest data protection regulations, as well as globally.”

Fortanix External Key Manager for GCP is available now.


Subscribe to the Help Net Security breaking news e-mail alerts:

More about

Don't miss