Fortanix: Confidential Computing can secure data in use

In a world of on-demand connectivity, encryption at rest is not enough. With more than 4,145 public data breaches in the last year alone, traditional approaches to network security are no longer able to keep up, and confidential computing may offer a potential solution.

Confidential Computing enables organizations to separate and encrypt their data in a hardware-based Trusted Execution Environment (TEE) so that it is not exposed to the infrastructure that processes it. This means that even if an attacker manages to compromise the infrastructure, they will not be able to access the underlying data used.

It’s a security approach that’s garnering a lot of interest, particularly from multicloud security company Fortanix, which today announced it has raised $90 million in a Series C funding round, bringing the organization’s total to over $122 million US dollars.

The need for confidential data processing

With cloud adoption accelerating during the COVID-19 pandemic and growing 25% in the last year alone, it has become increasingly clear that traditional perimeter-based approaches to network security are failing to protect data as it traverses modern enterprise environments move.

“Enterprises and government agencies are looking for a new approach to keep valuable data safe regardless of its location, especially in the cloud. They need protection of their sensitive and regulated data throughout its lifecycle – at rest, in motion and in use,” said Ambuj Kumar, CEO and co-founder of Fortanix.

“Organizations also need to contend with the global proliferation of data and privacy regulations like HIPAA, GDPR and Shrems II,” Kumar said.

Kumar explains that Confidential Computing, pioneered by Fortanix, protects applications and sensitive data from unauthorized access during “use”.

A bird’s-eye view of the confidential computing area

While the field of confidential data processing is still in its infancy, many world-renowned vendors are investing in these solutions.

Microsoft Azure, IBM, Google Cloud, and AWS (AWS Nitro System) are just a few of the many vendors experimenting in this space to develop new services that help organizations keep up with rapidly evolving privacy standards.

More broadly, interest in the market is such that Everest Group has forecast that the confidential computing market will be worth $54 billion by 2026 and grow at a compound annual growth rate (CAGR) of 90-95% becomes.

As a major player in the confidential computing market, Fortanix not only competes with Azure, IBM and AWS, but also with legacy data security vendors such as Thales.

Thales’ data security solution is called CipherTrust Data Security Platform. It provides data discovery, classification, and protection for data-at-rest across on-premises, cloud, and hybrid IT environments. Thales recently announced it booked $19.9 billion in orders last year.

Another competitor is HashiCorp with a solution called Vault, a secure vault for protecting secrets, tokens, passwords, certificates, and encryption keys with an encryption-as-a-service offering. HashiCorp last raised $175 million in a Series E funding round in March 2020, taking its valuation to $5.1 billion.

At this stage, the key differentiator between Fortanix and older competitors is the focus on the encryption used and the data-centric approach to protecting cloud environments.