Fortanix does not have access to customer keys. The keys, including the key material and the related metadata, are encrypted both in use and at rest using an encryption key which is derived by the Self-Defending KMS process and the Intel® SGX processor, and is unknown to Fortanix.
- What KMIP coverage do we provide?
- Can I use a proxy with Fortanix Self-Defending KMS?
- Does Fortanix Self-Defending KMS include a Web Application Firewall (WAF)? Should I configure a WAF with Self-Defending KMS?
- What is Intel Attestation Service (IAS) and why should I use IAS service?
- How does Self-Defending KMS compare with other KMS?
- Can I import keys into Self-Defending KMS?
- Where is encryption and decryption done if I use Self-Defending KMS?
- Can Fortanix employees access my keys?
- Where do my keys live if I use Fortanix Data Security Manager?
- How does Fortanix Data Security Manager work?