Fortanix Security Software

Filesystem Encryption

Keep individual files and folders safe to defend against malicious actors and meet compliance.

The Challenge

To enhance data loss prevention and comply with privacy regulations, businesses are constantly looking to strengthen their security posture. Many organizations now require that only authorized users with specific privileges can access data in plaintext within designated files or folders on a given filesystem. Aside from elevating security against cyber criminals, this approach also enables a clear division of responsibilities between data owners and system administrators, preventing malicious intents and careless human errors.

Encrypting individual filesystems comes with a significant challenge—management of the encryption keys. With each filesystem having its own encryption key, key sprawl is a reality and can easily get out of hand. Moreover, not properly managing and storing those keys increases cyber vulnerabilities and exacerbates the data security challenges organizations face. 

Fortanix Solution

Fortanix Filesystem Encryption enables organizations to go beyond full disk encryption and protect individual filesystems mounted on a specified host. The Fortanix Enterprise Key Management solutions enable centralized lifecycle management for encryption keys across hybrid multicloud. Encryption keys are under complete customer control and secured by FIPS 140-2 level 3 certified HSMs, available as SaaS. Fine-grain policy-driven access controls restrict access to plain text data solely to authorized users and processes.

Benefits

Uplevel data security

Seamlessly set up and manage agents to encrypt individual filesystems mounted on host machines. Easily scale agent deployments, which are based on Open Policy Agent specification and have no kernel dependencies.

Control access policies

Apply granular policy-based decryption to allow only authorized users and processes to access plaintext data.

Manage key efficiently

Centralize lifecycle management of all encryption keys. Store keys in natively integrated FIPS-140-2 Level 3 HSM, available as SaaS or on-prenmises. Prevent involuntary or malicious key deletion with Quorum Approvals.