Data Security
Moving security to the data itself is more effective protection because it minimizes the potential for any surreptitious access.
CipherTrust Manager is the central management point for all CipherTrust Data Security Platform products. The CipherTrust Manager Physical Appliance not only creates, stores and manages the encryption keys that protect data, it also enables organizations to manage every aspect of their CipherTrust data security platform implementation. The CipherTrust Data Security Manager allows administrators to specify data access policies, administer users and logical domains, generate usage reports, register new hosts, access security logs, manage third-party keys, digital certificates and more. Moreover, as enterprises and service providers need data security management in concert with their other infrastructure, CipherTrust Manager also provides integration capabilities with multiple APIs and a command line interface as well as a simple graphical user interface (GUI) operation.
Transparent Data Protection
Transparent and continuous file-level encryption that protects against unauthorized access by users and processes in physical, virtual, and cloud environments. Transparent file encryption implementation is seamless and fast, keeping both business and operational processes working without changes even during deployment and roll out.
Scalable and Easy to deploy
Scaling to deployments of tens of thousands of physical or virtual servers, the CipherTrust Transparent Encryption solution is available for Windows, Linux, and Unix platforms. The enterprise encryption software can be used, deployed and maintained across physical, cloud, container and big data environments.
Meet Compliance and Best Practice Requirements
Encryption, access controls and data access logging are basic requirements or recommended best practices for almost all compliance and data privacy standards and mandates, including PCI DSS, HIPAA/Hitech, GDPR and many others.
CipherTrust Transparent Encryption
CipherTrust Transparent Encryption (formerly VTE) enterprise encryption software delivers data-at-rest encryption with centralized key management, privileged user access control and detailed data access audit logging. This protects data wherever it resides, on-premises, across multiple clouds and within big data, and container environments.
The deployment is simple, scalable and fast, with agents installed at operating file-system or device layer, and encryption and decryption is transparent to all applications that run above it. CipherTrust Transparent Encryption is designed to meet data security compliance and best practice requirements with minimal disruption, effort, and cost. Implementation of the server encryption software is seamless keeping both business and operational processes working without changes even during deployment and roll out. The server encryption solution works in conjunction with the FIPS 140-2 up to Level 3 validated Data Security Manager, which centralizes encryption key and policy management for the CipherTrust Data Security Platform.
Don’t want to worry about PoC? Leave it to us. Contact ID-3 to discuss your requirements.
Try for Free
Want to try it out? Obtain a free trial hosted in the cloud or at your site. Just drop us a line.
Transparent Data Protection
Transparent and continuous file-level encryption that protects against unauthorized access by users and processes in physical, virtual, and cloud environments. Transparent file encryption implementation is seamless and fast, keeping both business and operational processes working without changes even during deployment and roll out.
Scalable and Easy to deploy
Scaling to deployments of tens of thousands of physical or virtual servers, the CipherTrust Transparent Encryption solution is available for Windows, Linux, and Unix platforms. The enterprise encryption software can be used, deployed and maintained across physical, cloud, container and big data environments.
Meet Compliance and Best Practice Requirements
Encryption, access controls and data access logging are basic requirements or recommended best practices for almost all compliance and data privacy standards and mandates, including PCI DSS, HIPAA/Hitech, GDPR and many others.
CipherTrust Application Data Protection (formerly VAE) delivers key management, signing, and encryption services enabling comprehensive protection of files, database fields, big data selections, or data in platform-as-a-service (PaaS) environments. One version of the solution is FIPS 140-2 Level-1 certified. The product is, based on the PKCS#11 standard and fully documented with a range of practical, use-case based extensions to the standard including but not limited to Microsoft Crypto Next Generation (CNG). CipherTrust Application Data Protection eliminates the time, complexity, and risk of developing and implementing an in-house encryption and key management solution while providing secure key management. Development options include a comprehensive, traditional software development kit for a wide range of languages and operating systems as well as a collection of RESTful APIs for the broadest platform support.
CipherTrust Application Data Protection enables your team to create encryption and key management applications in almost any environment with a choice of a high-performance runtime environment and corresponding SDK or using RESTful APIs.
CipherTrust Application Data Protection simplifies the process of adding key management and encryption to applications. Developers use RESTful API’s, Java, .NET, or C libraries to implement PKCS#11 standards-based solutions. Users of Microsoft Crypto Next Generation simply make standard calls delivering higher key security and secure cryptographic operations.
With the application encryption solution, you can encrypt specific fields at the application layer, securing sensitive data before it is stored in database, big data, or cloud environments.
With keys under your control, can have the power to stop compromised DBAs, cloud administrators, hackers, and authorities with subpoenas from gaining unauthorized access to valuable data.
CipherTrust Tokenization with Dynamic Data Masking dramatically reduces the cost and effort required to comply with security policies and regulatory mandates like PCI DSS while also making it simple to protect other sensitive data including Personally Identifiable Information (PII). Dynamic Data Masking protects data in use while tokenization is protecting data at rest. You can efficiently address your objectives for securing and anonymizing sensitive assets—whether they reside in data center, big data, container or cloud environments. Beyond performing data tokenization, the Tokenization Server centralizes all tokenization configuration with a graphical user interface for creating templates for both tokenization and data masking. Simplicity results from the ability, with a few as just one line of code inserted into applications, to tokenize or detokenize with dynamic data masking.
Remove card holder data from PCI DSS scope with minimal cost and effort and save big on complying with the industry standard with CipherTrust Tokenization with Dynamic Data Masking.
Modern IT architectures require both use and protection of personally identifiable information (PII). Tokenization with Dynamic Data Masking enables both with one line of code for protection and just one more for dynamically masked use of PII. Even more, protection is gained without any encryption key management required by the software developer!
Tokenize data and maintain control and compliance when moving data to the cloud, or big data environments.
Deploy the CipherTrust Tokenization Server globally without concerns about token synchronization or performance. Server clustering enables easy scalability.
A database protected with CipherTrust Transparent Encryption and Live Data Transformation enables non-disruptive initial encryption and simplified, more-compliant encryption key rotations. Users continue to work as usual while encryption is in process.
Deployment and management of data-at-rest encryption can present challenges when transforming clear-text to cipher-text, or when re-keying data that has already been encrypted. Traditionally, these efforts required planned downtime, or they required labour-intensive data cloning and synchronization efforts. CipherTrust Transparent Encryption Live Data Transformation, with zero downtime encryption deployments, eliminates these hurdles, enabling encrypt and re-key with unprecedented uptime and efficiency.
CipherTrust Transparent Encryption Live Data Transformation, with zero downtime encryption deployments, allows for encrypting and re-keying data without taking applications offline. This allows for deployment of data security controls to applications along with business continuity and high availability.
In the past, critical applications had to be taken offline for initial encryption of data and encryption maintenance, with substantial operational costs – Not any more with Live Data Transformation zero-downtime encryption.
Compliance requirements and best practices demand periodic encryption key changes. With Live Data Transformation, maintaining standards no longer requires downtime – applications and users continue to work as usual during rekey operations.
Container technologies are bringing unprecedented benefits to organizations, but also come with new risks. CipherTrust Container Security delivers critical encryption, access controls, and data access audit logging capabilities that enable organizations to meet compliance, regulatory, and best practice requirements for safeguarding data within dynamic container environments.
Containers often run with root level systems permissions (For Docker, by default – elsewhere, when specifically enabled), resulting in administrators having full access to container images and system data. CipherTrust Container Security encryption with data access controls enables privileged users such as Docker or OpenShift cluster administrators to work as usual, without exposing sensitive information.
CipherTrust Transparent Encryption provides a proven approach to safeguarding SAP HANA data that meets rigorous security, data governance and compliance requirements. The solution can be quickly deployed, requiring no changes to SAP HANA or the underlying database or hardware infrastructure. With the solution, organizations can encrypt SAP HANA data and log volumes, and establish strong governance and separation of duties.
VTE for SAP HANA is reviewed and qualified by SAP as suitable for use in SAP solution environments.
Digital transformation has changed nearly every aspect of the modern enterprise, but data is still a company’s most valuable asset. Consequently, mission-critical data must be secured using a combination of encryption, access controls, and robust key management. Used by enterprises both for transactional data operations as well as for real-time analytics, SAP HANA stores and processes sensitive enterprise data. However, traditional data security measures protecting from the perimeter of the data center are no longer sufficient. A much more secure, and best practice approach, is to encrypt mission critical data managed by HANA. This is especially important when HANA is deployed in the cloud or offered as a service.
Detailed data access audit logs delivered by CipherTrust Transparent Encryption are useful not only for compliance, but also for the identification of unauthorized access attempts, as well as to build baselines of authorized user access patterns. CipherTrust Security Intelligence completes the picture with pre-built integration to leading Security Information and Event Management (SIEM) systems that make this information actionable. The solution allows immediate automated escalation and response to unauthorized access attempts, and all the data need to build behavioural patterns required for identification of suspicious usage by authorized users.
To avoid merely recognizing data security events, such as breaches, after they occur, IT managers require a simple way to identify and correlate all relevant data about potential security events, so they can mitigate threats quickly and in real time. Some of the most effective tools for this are Security Intelligence and Event Management (SIEM) solutions.