Fortanix SDKMS Earns FIPS Level 1 Certification Validating Cryptographic Protections Delivered in its Runtime Encryption Solution

    Reading Time: 3 minutes

    Fortanix Self-Defending Key Management Service First Commercial
    Software Product Using Intel SGX to Achieve FIPS Level 1 Certification

    MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)–Fortanix® Inc., the Runtime
    ® company, today announced that its Self-Defending
    Key Management Service™
    (SDKMS) has earned the Level 1 certification
    of the Federal Information Processing Standard (FIPS) Publication 140-2,
    a U.S. government computer security standard used to approve
    cryptographic modules. Users now have confidence that Fortanix has
    passed strict government requirements, validating SDKMS’s ability to
    maintain the confidentiality and integrity of protected information.

    “At O.C. Tanner, security is our highest priority,” said Niel
    Nickolaisen, Senior VP and Chief Technology Officer, O.C. Tanner.
    “Fortanix offers an unmatched level of security that applies to our
    on-premises and cloud infrastructure. Now, with FIPS Level 1 validation
    of its Self-Defending Key Management Service, we are delighted that
    SDKMS is compliant with the federal norms and our data is encrypted with
    maximum security. FIPS can be a very effective tool when dealing with

    SDKMS is also the industry’s first commercial software product built
    using Intel Software Guard Extensions® (Intel®
    ) to achieve FIPS Level 1 certification. In addition to giving
    users U.S.-backed certified confidence in the cryptographic security
    measures of SDKMS, the certification helps in the regulatory compliance
    measures of some customers, including those in the federal, financial
    services and healthcare sectors.

    “FIPS Level 1 certification is a significant achievement for Fortanix,
    particularly for compliance for federal and other regulations that are
    important to customers,” said Ambuj Kumar, Co-Founder and CEO of
    Fortanix. “Users and partners alike have the assurance that Fortanix
    protects data in use and cloud data that is now backed by the U.S.

    Fortanix is solving today’s cloud security and data privacy problem. By
    decoupling security from the infrastructure, Fortanix removes complex
    and intractable security challenges experienced with current solutions.
    Running applications in protected enclaves enables a new level of
    deterministic security on premise, in hybrid environments, and even on
    remote clouds, protecting data even when systems are compromised.

    Some components of SDKMS are already FIPS Level 3 certified, while Level
    3 certification for the Fortanix hardware is currently underway.

    About SDKMS

    Self-Defending Key Management Service™ (SDKMS) is the world’s first
    commercial solution built using Intel®
    , delivering Runtime Encryption technology to protect keys,
    applications and data during use. SDKMS offers key management, HSM, and
    tokenization as a service – all rolled into one product with infinite
    scalability for number of keys and number of operations. It has support
    for both legacy and new applications with PKCS#11, KMIP, JCE, MS-CAPI,
    MS-CNG, and REST interfaces. Customers use SDKMS to encrypt their
    databases (Oracle, Microsoft SQL server, MongoDB, etc.), run their
    certificate authority, manage their cloud secrets, and encrypt their
    VMware vSAN clusters. SDKMS is a FIPS 140-2 validated solution that can
    meet various compliance requirements, such as GDPR and PCI.

    About Fortanix

    mission is to solve cloud security and privacy challenges. Fortanix
    allows customers to securely operate even the most sensitive
    applications without having to trust the cloud. Fortanix provides unique
    deterministic security by encrypting applications and data everywhere –
    at rest, in motion, and in use with its Runtime Encryption® technology
    built upon Intel® SGX. Fortanix secures F100 customers worldwide and
    powers IBM Data Shield and Equinix SmartKey™ HSM-as-a-service. Fortanix
    is a venture backed Gartner Cool Vendor headquartered in Mountain View,
    Calif. For more information, see

    Fortanix and Runtime Encryption are registered trademarks of Fortanix,
    Inc. Self-Defending Key Management Service is a trademark of Fortanix,
    Inc. All other marks and names mentioned herein may be trademarks of
    their respective companies.


    Dan Spalding
    [email protected]