Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.

Fortanix DSM uses built-in cryptography in Intel® Xeon® CPUs to help protect the customer’s keys and data from all external agents, reducing the system complexity greatly by removing the reliance on characteristics of the physical boxes. Intel® SGX enclaves prevent access to customer’s keys or data by Fortanix or any other cloud service provider.

Unlike many hardware security technologies, Intel® SGX is architected to help protect arbitrary x86 program code. Fortanix DSM uses Intel® SGX not only to help protect the keys and data but also to all the application logic including role-based access control, account set up, password recovery, etc. The result is significantly improved security for a key management service that offers the elasticity of modern cloud software and the hardware-based security of an HSM appliance, all while drastically reducing initial and ongoing costs.

Fortanix DSM is designed to enable businesses to serve key management needs for all their applications, whether they are operating in a public, private, or hybrid cloud.