Fortanix Confidential Data Search supports scalable searches in encrypted databases with sensitive data, without compromising data security or privacy regulations. Credit: iStock Cloud data security company Fortanix has announced Fortanix Confidential Data Search, a search offering for encrypted databases within enterprise cloud workflows. “Confidential Data Search allows data analysts to use off-the-shelf, unmodified databases in a standard, unrestricted SQL environment,” said Richard Searle, vice president of Confidential Computing, Fortanix. “Users do not need to convert their datasets to new complex proprietary database formats or deploy proprietary agents.” The search capability, Fortanix claims, doesn’t compromise data security or privacy regulations as it supports a range of regulatory compliance controls. The offering will be available for early trials in the second half of 2023, as part of Fortanix’s data security manager (DSM) SaaS. Confidential and unrestricted search Fortanix Confidential Data Search is powered by the company’s in-house confidential computing technology, a data security method that uses runtime encryption and secures the encryption keys inside of a secure enclave such as Intel SGX, AMD SEV-SNP and AWS Nitro Enclaves. The offering, Fortanix claims, will allow data analysts to use unmodified databases, using a standard SQL environment that is universally familiar, enabling them to retrieve more accurate results, faster. There’s no need to convert databases to complex formats, like existing solutions, or deploy proprietary agents. “The solution uses proven encryption standards for increased trustworthiness, including readiness for post-quantum cryptography (PQC),” Searle said. The new data search capability uses commodity databases and hardware. Fortanix provides secure trusted execution environments (TEEs) as a cloud service, enabling customers to pay based only on usage. The Confidential Data Search ensures query issuer and data owner confidentiality, allowing execution of arbitrary SQL queries without significant system latency. Legacy solutions introduce complexity Fortanix’s new offering is targeted at reducing the complexity that comes with the existing data-searching solutions on the market. Almost all the existing solutions use heavy (expensive and complex) cryptographic technologies, according to Fortanix. “Current solutions that enable secure searches of encrypted data are predominantly based on complex and expensive cryptographic technologies, which are impractical for data-mining complex medical or financial datasets,” Searle said. “Such computationally intensive approaches can be 1,000 to 1,000,000 times slower than standard non-encrypted databases and often require customized hardware to alleviate the delay.” The existing technologies, also called homomorphic encryption, restrict search parameters’ scope, making only numerical searches possible. These technologies may also require additional solutions to validate different levels of access mandated by data regulations. Fortanix’s offering, however, supports data analysis across different geographies which require varying regulatory and compliance controls such as HIPAA, GDPR, FINMA, PCI-DSS, etc. Fortanix will be showcasing the new offering at the 2023 Confidential Computing Summit at the San Francisco Marriot Marquis on June 29. Related content news Most interesting products to see at RSAC 2024 Tools, platforms, and services that the CSO team recommends 2024 RSA Conference attendees check out. By CSO Staff May 06, 2024 9 mins RSA Conference Security feature AI governance and cybersecurity certifications: Are they worth it? Organizations have started to launch AI certifications in governance and cybersecurity but given how immature the space is and how fast it's changing, are these certifications worth pursuing? By Maria Korolov May 06, 2024 12 mins Certifications IT Training Careers news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe