Fortanix adds confidential data search for encrypted enterprise data

Cloud data security company Fortanix has announced Fortanix Confidential Data Search, a search offering for encrypted databases within enterprise cloud workflows.

“Confidential Data Search allows data analysts to use off-the-shelf, unmodified databases in a standard, unrestricted SQL environment,” said Richard Searle, vice president of Confidential Computing, Fortanix. “Users do not need to convert their datasets to new complex proprietary database formats or deploy proprietary agents.”

The search capability, Fortanix claims, doesn’t compromise data security or privacy regulations as it supports a range of regulatory compliance controls.

The offering will be available for early trials in the second half of 2023, as part of Fortanix’s data security manager (DSM) SaaS.

Confidential and unrestricted search

Fortanix Confidential Data Search is powered by the company’s in-house confidential computing technology, a data security method that uses runtime encryption and secures the encryption keys inside of a secure enclave such as Intel SGX, AMD SEV-SNP, and AWS Nitro Enclaves.

The offering, Fortanix claims, will allow data analysts to use unmodified databases, using a standard SQL environment that is universally familiar, enabling them to retrieve more accurate results, faster. There’s no need to convert databases to complex formats, like existing solutions, or deploy proprietary agents.

“The solution uses proven encryption standards for increased trustworthiness, including readiness for post-quantum cryptography (PQC),” Searle said.

The new data search capability uses commodity databases and hardware. Fortanix provides secure trusted execution environments (TEEs) as a cloud service, enabling customers to pay based only on usage. The Confidential Data Search ensures query issuer and data owner confidentiality, allowing execution of arbitrary SQL queries without significant system latency.

Legacy solutions introduce complexity

Fortanix’s new offering is targeted at reducing the complexity that comes with the existing data-searching solutions on the market. Almost all the existing solutions use heavy (expensive and complex) cryptographic technologies, according to Fortanix.

Organizations deploying Fortanix’s Confidential Data Search can accelerate their big data and business analytics programs, avoiding the costly decryption process for each search query, which enables them to operate at greater speed and scale, said Jack Poller, senior analyst at ESG Global.

“Current solutions that enable secure searches of encrypted data are predominantly based on complex and expensive cryptographic technologies, which are impractical for data-mining complex medical or financial datasets,” Searle said. “Such computationally intensive approaches can be 1,000 to 1,000,000 times slower than standard non-encrypted databases and often require customized hardware to alleviate the delay.”

The existing technologies, also called homomorphic encryption, restrict search parameters’ scope, making only numerical searches possible.

These technologies may also require additional solutions to validate different levels of access mandated by data regulations. Fortanix’s offering, however, supports data analysis across different geographies which require varying regulatory and compliance controls such as HIPAA, GDPR, FINMA, PCI-DSS, etc.

“While confidential computing has been available from cloud service providers for a couple of years, until now organizations were forced to do all the work themselves to build a big data analytics environment that correctly protected the data, managed encryption keys, provided granular access controls, and could mask, tokenize, and otherwise protect confidential and sensitive search results,” Poller said. “Fortanix’s solution enables organizations to avoid the costly and time-consuming development process.”

Fortanix will be showcasing the new offering at the 2023 Confidential Computing Summit at the San Francisco Marriot Marquis on June 29.