Fortanix adds data sovereignty to enhance DSM for global data security and privacy compliance

Fortanix has unveiled new capabilities for Fortanix Data Security Manager (DSM) to help public and private organizations address growing data sovereignty requirements globally.

Available now, the existing and new features deliver several key capabilities, including support for sovereign cloud, storing keys in sovereign boundaries, anonymization of private data, centralized control to manage access and enforce consistent policies across hybrid and multicloud environments, and more, all delivered via an intuitive user experience.

Organizations around the globe are taking urgent steps to meet strict, complex, and changing data sovereignty regulations. According to a Gartner report, “Particularly in Europe, but also in other regions, governments are becoming increasingly concerned due to tightening privacy and data protection regulations impacting data sovereignty, data control, technological sovereignty and their dependence on foreign cloud infrastructure providers.”

Complying with multitude of mandates is a major challenge for organizations, but Fortanix makes it easy for them to ensure compliance over sensitive data, while also bolstering security. The Fortanix flagship DSM offering can be provisioned within customers’ sovereign regions, enabling them to have a dedicated solution that meets regulations in their legislative jurisdictions.

“Data sovereignty goes beyond just where data resides; it is a multi-layered approach that encompasses data security, protection, and privacy. Fortanix’s existing and new capabilities exemplify our commitment to expanding and enhancing DSM to deliver the most advanced data security and privacy solution to organizations around the globe,” said Faiyaz Shahpurwala, chief product and strategy officer at Fortanix.

“Security and data teams can now maintain greater international and cross-border security, compliance, and control over their data with a unified platform that is powered by confidential computing and validated by the highest industry certifications,” Shahpurwala continued.

“Data sovereignty, data privacy and compliance with regulations such as GDPR and Schrems II are an integral part of our work in behavioral research,” said Raj Jagesar, project lead for the Digital Phenotyping Research Program (Behapp) at the University of Groningen in the Netherlands. “With Fortanix DSM’s External Key Manager for Google Cloud, we have full control over our encryption keys not just for compliance purposes, but also to mitigate any security risks related to sensitive personal data.”

Fortanix DSM’s key data sovereignty capabilities include:

• Full control over key generation and lifecycle management for hybrid, multicloud environments with natively integrated KMS and FIPS 140-2 Level 3 HSM
• The ability to store encryption keys separate from data and within sovereign regions
• Enforced least privileged data access with RBAC and Quorum Controls to support Zero Trust architecture
• Crypto agility with rapid migration to latest approved quantum-proof cryptographic algorithms
• Format-preserving encryption to anonymize sensitive data at ingestion or creation before sharing across pipelines and workflows to keep it private, usable, and compliant
• Native database encryption to manage and store the keys required to encrypt all databases, including Oracle, SQL Server, MongoDB, PostGres, MySQL, Maria DB, IBM DB2, and more
• Joint VMware and Fortanix solution for scalable data protection and compliance for VMware Sovereign cloud environments
• Sovereign support for Google Cloud services/offerings in the Kingdom of Saudi Arabia, in partnership with SITE and CNTXT
• Confidential data search, enabling users to quickly search for regulated data in encrypted databases at terabyte scale
• Customer choice of deployment models: on-premises, virtual appliances running in private or public cloud, or a fully managed SaaS across multiple global regions

Fortanix has added support for client-side encryption of Gmail messages, rounding out its offering as an external key manager for organizations working in the Google Workspace ecosystem. This means that data will never be sent from a knowledge worker end point such as an employee laptop without it being encrypted while in transit, boosting data privacy and security across the organization.

Fortanix now offers key management for all Google Workspace applications that use client-side encryption, including Docs, Sheets, Calendar, and now Gmail. This enables Fortanix customers who use Google Workspace to create, store, and manage encryption keys themselves, and not through Google.