Google and Fortanix deliver external key management for public cloud
Migrating sensitive data to the cloud inevitably raises concerns surrounding compliance and security. Most turn to encryption as a solution, but that in itself raises issues over key management.
While many cloud service providers have allowed customers to bring their own keys (BYOK), Google Cloud Platform is linking up with the Fortanix Self-Defending Key Management Service (SDKMS) to become the first public cloud provider to enable customers to bring their own key management system (BYOKMS).
This allows users to store encryption keys in their own data centers with a single point of management and accountability. When customers control their own keys, they are able to move applications subject to compliance requirements such as PCI DSS payment data to the public cloud.
"As a cloud-native solution, Fortanix has the advantage of providing a unified encryption platform that includes key lifecycle management, hardware security module (HSM), tokenization and shares secrets in one system that services on-premises, hybrid cloud and public cloud," says Faiyaz Shahpurwala, Fortanix's chief product and strategy officer. "We commend Google for taking a leadership position by being the first public cloud provider to deliver this ground-breaking security functionality to the market."
In addition Equinix, the global interconnection and data center company, has announced Equinix SmartKey integration with Google Cloud's External Key Manager. Equinix SmartKey, powered by Fortanix, is a global key management and encryption SaaS offering that simplifies data protection across any cloud or destination.
"At Google Cloud, we give enterprises a broad range of encryption options to appropriately balance risk, control, security, and operational complexity when protecting cloud workloads," says Il-Sung Lee, product manager at Google Cloud. "Today, in collaboration with Fortanix, we're bringing customers the next level of controls for their cloud environments with External Key Manager and making it easy to implement and support our customers' governance and compliance processes."