“Increasing awareness of the impact of digital business risks, coupled with high levels of publicity regarding cyber security incidents, is making IT risk a board-level issue,” -Tom Scholtz, Gartner fellow
Business experts say that in today’s interconnected digital world, information has become the most valuable asset, surpassing many of the communications platforms and systems that house the information itself. The Internet provides many means to monetize information, while also presenting challenges to protecting information from malicious actors.
From the board level down, businesses are now aggressively looking at securing critical data via encryption methods. Encrypting and decrypting data have been around for over 60 years, and the means of scrambling and unscrambling data are pretty much set and well known. What needs to change is the management of the keys that make this possible, in order to meet the escalating demand to use encryption to protect the explosion in information creation, universal access, and the real-time data streaming economy.
Fornetix’s approach to securing data via encryption focuses not on the encryption methods themselves, but on the management of encryption keys and how that management can enhance and strengthen an enterprise’s overall IT cyber-security posture.
Fornetix was formed as a commercial venture to deliver off-the-shelf advanced encryption key management solutions, transitioning their prior expertise of delivering custom hardened software cyber security solutions to mission critical government customers, many in the classified space.
“Our CTO and many in his team are contributing members of the OASIS KMIP TC and are involved in providing input to NIST standards groups.” – Guimarin, CEO
The team has 150+ years of engineering expertise and 15+ years of high level cyber-security professional services, communications solutions, identity solutions, information assurance, and custom key management solutions development. Over 60% of the engineering developers have cleared credentials to do classified work. CEO Bob Guimarin is a seasoned business creation and alliance executive with expertise in information technology, product engineering, operational management, and business development.
“Our Key Orchestration™ solution aligns the benefits of identity management and strengths of encryption, giving customers a set of uniform and robust access and usage controls. Key Orchestration’s™ multi-tenancy implementation, under a single platform, provides organizations the ability to leverage encryption key generation and secure key storage capabilities across multiple discrete policy management domains aligned to lines of business and maintain consistent governance practices”, believes Bob.
Fornetix provides for the automation and optimization of encryption key management services that reduce costs, improve security, and remove operational complexities. Fornetix enables ‘identity access controls’ within an encryption framework and automates the generation, discovery, distribution, refresh, revocation, and recovery of encryption keys.
The solution consists of an intelligent key management appliance, coordinating with a client application, to enable advanced management and automation capabilities at the user or device level. The four cornerstone functions of Key Orchestration are: Policy Engine, Workflow Integration, Audit/Tracking Module, and High Scale Architecture.
Policy Engine: Ensures that specific, detailed security policies are robustly enforced (2000+ policies).
Workflow Integration: Adds strength and rigor to policy and enterprise-wide compliance security practices.
Audit/Tracking Module: Logs events to support rapid and detailed event analysis.
High Scale Architecture: Provides the foundation for maximum flexibility and interoperability across the enterprise, regardless of the level of encryption management required.
Key Orchestration workflow processes can script, test, run and recover all of an enterprise’s key management lifecycle routines, automatically.
With ‘ease of use’ being the key factor, Fornetix wants to turn the current, complex world of encryption into one where one’s digital life is Easy, Fun and Safe. The company expands and enhances encryption systems usability, removes complexity and lowers costs, while maintaining the trusted security demanded by any well-implemented encryption technology strategy.
The two main aspects that make Key Orchestration™ unique are:
Complexity Reduced: Key Orchestration™ workflow processes can script, test, run and recover all of an enterprise’s key management lifecycle routines, eliminating mismatched configurations, consistently enforcing policy and reducing operational costs. Reducing complexity and automating cumbersome data entry tasks sets a future framework for more frequent and rigorous rekeying efforts, thus reducing the attack surface and shutting down breach opportunities.
Secure Data Weapon: Key Orchestration™ provides the platform for enterprises to wield encryption as a secure data weapon, protecting all forms of data, whether at-rest or in-transit. By enabling encryption’s offensive capabilities to thwart and prevent attacks, manage and track assets and strengthen brand reputation, organizations are no longer waiting victims of cybercrime.
Fornetix’s flagship technology, Key Orchestration, easily automates and optimizes encryption demands across any enterprise and any industry, regardless of client size, and is agnostic to the specific encryption protocol or key material distribution method. The sectors early on the company’s radar are government, finance and banking, critical infrastructure, data center operations, telecommunications, healthcare, automotive and IoT.
“Our flagship product’s, Key Orchestration, general availability date (GA) is August 31, 2015. Over the past year, we have been working with prospective clients and partners in the secure storage, financial services, retail, and across government to deliver early field trials (EFT) upon GA”, says Guimarin.
Since winning top honors at RSA 2015 in the OASIS KMIP (Key Management Interoperability Protocol) interoperability bake-off, the company has entered into technology partner programs with the top global encryption HSM (Hardware Security Module) vendors. According to Guimarin, they have achieved HP’s Silver Technical Alliance Partner status, joined the Thales e-Security ASAP partner program, and become a Utimaco partner. These relationships provide Fornetix a global footprint in delivering the combined partner and Fornetix’s Key Orchestration™ value proposition to customers seeking to enable encryption protection more extensively across their business.
In addition to HSM partners, they are a partner of Wind River, a top semiconductor and embedded systems vendor. Guimarin states encryption is a critical data protection element for embedded systems, where automotive and IoT vendors are aggressively seeking protection from cyber-hacks. From embedded systems to secure storage, as members of SNIA and SSIF, Fornetix pursues open standards and cooperative relationships to deliver advanced key management solutions to thousands of enterprise and carrier class businesses that are demanding more robust use of encryption to protect their company’s digital assets and provide more secure equipment infrastructure and services offerings.
“Quite frankly, we’ve been overwhelmed with the excitement early demonstrations of our Key Orchestration™ have received from prospective clients, key management industry insiders, commercial and government think-tanks, and those desperately seeking a pathway to mitigating the endless assault on their business capital assets and reputation”, he adds.
Facing the challenges and reaching the Goal
“We use the term, Encryption Horizon™, to describe the inflection point where the use of encryption encompasses 10s of Billions, if not Trillions of devices, applications and data objects”, says Bob.
Today’s encryption key management environment consists of multiple vendors’ key management systems (KMS) in the enterprise. The lack of interoperability and the extensive use of proprietary protocols tied to each vendor’s devices and applications result in multiple procedures and processes and disparate capabilities, and foster an environment that is error prone and excessively complex when responding to encryption key integrity events that require remediation. Hence, enterprises are hesitant to proactively deploy aggressive encryption technologies more extensively across their business. Fornetix aims to overcome these challenges and allow for broader encryption protections.
Today, leading semiconductor vendors produce individual chips with unique identities and an embedded AES (Advanced Encryption Standard) stack. Identity and AES capabilities at the micro level, coupled with extreme processing speeds, allow for high function, high frequency, and low latency encryption key material usage. Hence, Identity and Policy encryption attributes can draw upon these capabilities to meet the many permutations of secure data transmission, access, and sharing that are anticipated with increasingly mobile lifestyles, Connected Cars and the Internet of Things. Fornetix is establishing the architectural framework to support the explosion of securely inter-connected things and the intensive scrutiny on protecting their digital footprint.