Multicloud security firm Fortanix Inc. today announced the addition of file system encryption to its Fortanix Data Security Manager to bolster full-stack data security.

The new File System Encryption service has been designed to complement full disk encryption through the ability to protect individual file systems on specific hosts through encryption governed by granular decryption policies. The company says the addition ensures that encryption is supported across all layers, including application, database, storage and file system.

The new release seeks to address the issue wherein organizations often encounter scenarios where different user groups require access to distinct parts of an overall database. Thrown into the mix is that popular databases such as MongoDB Community Edition, Fortanix says, lack native support for transparent database encryption.

Fortanix File System Encryption addresses these challenges by enabling encryption management at the file system level without disrupting information technology administrative activities such as replication, backup, migration or snapshots. The solution’s fine-grained controls also precisely define the administrative access granted to users, the company says. “As data security becomes increasingly complex, offering organizations the ability to manage encryption across all levels through a unified platform creates huge value,” said Anuj Jaiswal, vice president of products at Fortanix.

Fortanix File System Encryption differs from competing solutions in that it operates at the operating system layer rather than the kernel layer. By doing so, the service simplifies deployment and daily operations, eliminating issues related to kernel dependencies.

With the new encryption service, users can set up and manage agents that encrypt individual file systems on host machines. The solution offers support for easy scaling of agent deployments, which are based on open policy agent specifications and are free from kernel dependencies, ensuring smooth integration and operation.

Along with robust encryption capabilities, Fortanix File System Encryption offers organizations full control over access policies. Granular policy-based decryption ensures that only authorized users and processes can access plain-text data.

The platform also centralizes the management of encryption keys, storing them in FIPS-140-2 Level 3 HSMs, available as software-as-a-service or on-premises. Quorum approvals add an extra layer of protection against unauthorized key deletion, safeguarding sensitive information.

Fortanix was previously in the news in July when it announced an expansion of its Key Insight solution that allows organizations to discover, assess and remediate fragmented cryptographic security risks. With the expansion, Key Insight can scan databases and storage to discover encryption keys and data services across hybrid environments, including on-premises.

Image: SiliconANGLE/Ideogram