Fortanix Inc., a leader in data-first cybersecurity and pioneer of Confidential Computing, is debuting File System Encryption, a new enhancement to Fortanix Data Security Manager (DSM) that enables enterprises to protect individual file systems on specified hosts. The introduction of File System Encryption marks Fortanix’s ability to provide encryption at all layers, delivering a complete, unified, one-stop solution for encryption and tokenization needs.
File System Encryption targets the increasing need for enterprises to encrypt confidential personally identifiable information (PII) at various layers. Fortanix DSM now enables enterprises to encrypt file systems with granular control, completing Fortanix’s list of encryptable layers—which includes the application, database, and storage layers. With policy-based, granular decryption, organizations can be confident that only authorized users and processes can access plaintext data.
"As data security becomes increasingly complex, offering organizations the ability to manage encryption across all levels through a unified platform creates huge value," said Anuj Jaiswal, vice president of products at Fortanix. "The addition of Fortanix File System Encryption to our already robust Data Security Manager offering gives enterprises a one-stop shop for all of their encryption and data security needs."
Core to File System Encryption is that encryption is performed at the OS layer, not the kernel level, which allows encryption management at the file system level without compromising security or disrupting IT administrative activities such as replication, backup, migration, or snapshots.
“Deploying any agent at the Kernel level introduces numerous dependencies for IT teams, making it challenging to manage other controls such as patching. If a kernel-level agent fails, it can impact or even corrupt data,” explained Jaiswal. “By operating at the OS layer, Fortanix avoids these issues, making maintenance easier and more reliable.”
With File System Encryption, enterprise teams can seamlessly set up and manage agents to encrypt individual file systems mounted on host machines. These agent deployments are easily scalable and based on open policy agent specification with no kernel dependencies. Deployments can be further automated with tools such as Rundeck, ensuring that the process is as straightforward as other agent-based deployments, according to Fortanix.
Additionally, the launch of File System Encryption centralizes the lifecycle management of all encryption keys while simultaneously storing them in natively integrated FIPS-140-2 Level 3 HSM, available as SaaS or on-premises. Involuntary or malicious key deletion can be further prevented with quorum approvals, according to Fortanix.
“With the announcement of Fortanix File System Encryption, enterprises can now select Data Security Manager as their one-stop solution for any cryptographic needs across any layer,” said Jaiswal. “The solution is flexible enough to be deployed in both cloud and on-premises environments, depending on the need. It is a powerful, future-ready solution for encryption, key management, and tokenization, with DSM’s backbone powered by Confidential Computing.”
To learn more about Fortanix, please visit https://www.fortanix.com/.