Fortanix Partners with Keyfactor for IoT Security


By: Mary Jander

Security startup Fortanix, which specializes in confidential computing, announced a technology partnership with Keyfactor, a vendor of public key infrastructure (PKI) services geared particularly to Internet of Things (IoT) environments. The move points to growing demand for security at the level of device-to-device communications across clouds.

Founded in 2016, Fortanix has made a name with its Data Security Manager, which Fortanix says combines patented encryption, confidential computing, tokenization, and key management to provide a single point of control for managing security across applications and data sources in multiple cloud environments. To date, Fortanix has raised $31 million from contributors that include Intel Capital, Foundation Capital, and Neotribe.

Keyfactor, founded in 2001, has upped its ante in recent years as demand for device-level security in IoT and industrial IoT environments has escalated. The vendor offers PKI-as-a-service and, via a merger in 2021 with a Swedish firm named PrimeKey, offers end-to-end certificate services. Keyfactor also garnered $125 million in 2021 in a round led by Insight Partners, bringing its total raised to date to about $211.9 million, most of that in the past three years.

Double-Teaming Device Security

With the partnership, enterprise customers will be able to manage PKI and automated certificates via Keyfactor in the Fortanix Data Security Manager. The result, the vendors say, will enable the discovery of keys, the enforcement of policies, and the governance of certificates across all major public clouds, private clouds, and hybrid environments.

Most significant, perhaps, will be the enablement of confidential computing to protect data “in use” in cloud environments.

“Managing a growing number of keys and certificates across multiple technology layers with legacy solutions is a significant challenge,” said BJ Ferguson, VP of channel, North America, at Keyfactor, in a statement. Particularly vulnerable are IIoT devices, which tend to be always on, poorly protected by legacy security solutions, and immune to the kinds of password protections associated with human interaction.

“As more and more enterprises adopt hybrid and multi-cloud infrastructures, managing machine identities becomes a more difficult challenge to tackle,” said Patrick Conte, VP of business development at Fortanix, in the statement cited above. “Teaming with Keyfactor instantly creates a best-of-breed multi-cloud certificate and private key management solution.”

Rewards and Risks

Benefits of this partnership include increased automation with better security, and who doesn’t want that? The solution even comes ready for developers, with native RESTful APIs and plug-ins, the vendors say.

At the same time, competition is increasing, especially for Fortanix, which inhabits a market that’s exploding with activity, as evidenced by the growth of the Confidential Computing Consortium, which counts as members other companies in the space, including Anjuna, CYSEC, Edgeless Systems, and Profian, to name just a few. Established software vendors such a VMware and IBM’s Red Hat are also active in the space.

With so much going on, enterprise customers will have plenty of solutions to choose from. And vendors such as Fortanix and Keyfactor will have plenty of work to keep pace.