Fortanix: Confidential computing can secure data-in-use 

In a world filled with on-demand connectivity, encryption at rest isn’t enough. With more than 4,145 publicly disclosed data breaches occurring last year alone — classical approaches to network security are failing to keep up, and confidential computing could offer a potential solution. 

Confidential computing enables organizations to separate and encrypt their data in a hardware-based Trusted Execution Environment (TEE) so that it’s not exposed to the infrastructure processing it. This means even if a threat actor manages to compromise the infrastructure, they won’t be able to access the underlying data in use. 

It is an approach to security that’s capturing a lot of interest, particularly for multicloud security company Fortanix, which today announced it has raised $90 million as part of a series C funding round, bringing the organization’s total amount raised to over $122 million. 

The need for confidential computing 

With cloud adoption accelerating during the COVID-19 pandemic and growing 25% last year alone, it has become increasingly clear that traditional perimeter-based approaches to network security aren’t capable of protecting data as it moves throughout modern enterprise environments. 

“Businesses and government agencies are looking for a new approach to keep precious data safe regardless of where it is, especially in the cloud. They require protection of their sensitive and regulated data, throughout its lifecycle — at rest, in motion and in use,” said Ambuj Kumar, CEO and cofounder of Fortanix.

“Organizations are also having to contend with the worldwide proliferation of data and privacy regulations such as HIPAA, GDPR and Shrems II,” Kumar said. 

Kumar explains that confidential computing, which Fortanix pioneered, protects applications and sensitive data while “in use” from unauthorized access. 

A bird’s-eye view of the confidential computing space 

While the confidential computing space is still in its infancy, there are many world-renowned providers investing in these solutions. 

Microsoft Azure, IBM, Google Cloud, and AWS (AWS Nitro System) are just some of the many providers experimenting in the space to innovate new services to help organizations keep up with quickly evolving data privacy standards. 

More broadly, interest in the market is significant enough that Everest Group has forecast that the confidential computing market will be worth $54 billion by 2026, growing at a Compound Annual Growth Rate (CAGR) of 90-95%. 

As one of the key players in the confidential computing market, Fortanix isn’t just competing with Azure, IBM, and AWS, it’s also competing against legacy data security vendors like Thales. 

Thales’ data security solution is called the CipherTrust Data Security Platform. It offers data discovery, classification, and protection for data at rest, in on-premise, cloud, and hybrid IT environments. Thales recently announced raising $19.9 billion in order intake last year. 

Another competitor is HashiCorp with a solution called Vault, a secure vault designed to protect secrets, tokens, passwords, certificates, and encryption keys with an encryption-as-a-service offering. HashiCorp most recently raised $175 million as part of a series E funding round in March 2020, bringing its valuation to $5.1 billion.

At this stage, the key differentiator between Fortanix and legacy competitors is its focus on encryption in use, and its data-centric approach to protecting cloud environments.