Fortanix protects individual file systems on specified hosts

Fortanix announced a major enhancement to its Fortanix Data Security Manager (DSM): File System Encryption. This new feature complements full disk encryption with the ability to protect individual file systems on specified hosts through encryption, governed by granular decryption policies.

Available immediately, this addition ensures that Fortanix’s unified data security platform now supports encryption across all layers, including application, database, storage, and file system. Fortanix Data Security Manager thus becomes a comprehensive solution for enterprises, facilitating the reduction of crypto islands within their technology stacks.

Organizations frequently encounter scenarios where different user groups require access to distinct parts of an overall database. Moreover, many popular databases, such as MongoDB Community Edition, lack native support for transparent database encryption.

Fortanix File System Encryption addresses these challenges by enabling encryption management at the file system level without disrupting IT administrative activities like replication, backup, migration, or snapshots. The solution’s fine-grained controls also precisely define the administrative access granted to users.

Unlike competing solutions, Fortanix File System Encryption operates at the OS layer rather than the kernel layer. This approach simplifies deployment and daily operations, eliminating issues related to kernel dependencies. Enterprises can automate deployments seamlessly using tools like Rundeck, making the process as straightforward as other agent-based deployments. Importantly, this is achieved without compromising security.

“As data security becomes increasingly complex, offering organizations the ability to manage encryption across all levels through a unified platform creates huge value,” said Anuj Jaiswal, VP of products at Fortanix. “The addition of Fortanix File System Encryption to our already robust Data Security Manager offering gives enterprises a one-stop shop for all of their encryption and data security needs.”

By leveraging Fortanix File System Encryption, organizations can:

• Level up data security: Seamlessly set up and manage agents to encrypt individual file systems mounted on host machines. Easily scale agent deployments, which are based on open policy agent specification and have no kernel dependencies.
• Fully control access policies: Apply granular policy-based decryption so only authorized users and processes can access plaintext data.
• Efficiently manage encryption keys: Centralize lifecycle management of all encryption keys while storing them in natively integrated FIPS-140-2 Level 3 HSM, available as SaaS or on-premises. Prevent involuntary or malicious key deletion with quorum approvals.

Data Security Manager is a part of Fortanix Armor, a unified platform for consolidated data security services built on Confidential Computing. The addition of File System Encryption to Fortanix Data Security Manager delivers security with simplicity, offering granular encryption policy management with minimal maintenance. Scalable SaaS deployment allows for cost-effective scaling tailored to specific needs, providing flexibility and efficiency as businesses grow.