Thales' CipherTrust solutions employ transparent encryption and key management to secure all leading databases, including all versions of Oracle, SQL Server, DB2, Informix, Sybase, and MySQL.
Protecting Databases with Encryption
While there are many ways to protect sensitive data in databases, IT requirements for performance, availability and security can sometimes clash: will this security feature compromise database read and write performance? Can I be certain that the encryption key will always be available for fast read performance? For your database security needs, consider CipherTrust Data Security Platform, a solution that can provide high-performance, database encryption with an architecture that can provide high-availability to ensure that every database write and read happens at almost the speed of an unprotected database.
The Thales CipherTrust Data Security Platform provides the capabilities you need to encrypt and secure sensitive data in databases while avoiding the challenges traditionally associated with database encryption. The solutions available on the CipherTrust Platform will protect your growing database environment from both internal and external threats -- on-premises or in the cloud, no matter which databases you run.
Customers rely on CipherTrust Data Security Platform solutions to secure patient records, credit card information, social security numbers, and more. With CipherTrust Platform, you can discover and protect structured data stored in databases and applications as well as unstructured data kept in file servers.
- Challenges
- Solutions
- Benefits
Data Visibility
Without knowing what data you have and where it lives, you can’t protect it effectively, which means your data is vulnerable. It can be a challenging process to categorize all the different types of data present across different databases and define appropriate policies for data management. Without some form of automation in scanning large data stores, it is extremely difficult to capture all the data that applies to the various privacy regulations and ensure that your database and usage is compliant.
Database Reliability and Performance
Enterprises often suffer from performance issues when implementing poorly designed or inefficient database encryption tools. This negatively impacts end users and applications that rely on real-time access to data.
Insufficient Security Controls
Database encryption tools built with inadequate database encryption security expose the organization to fraud and data breaches. For example, when key management is handled within the database, the database administrator has control of both the data and key. Database encryption solutions also often disregard the risk posed by insider abuse and advanced persistent threats providing attackers the time they need to find and expose vulnerabilities.
Complex and Time-Consuming Key Management
As the database environment expands, so do the key management challenges. Using multiple key management tools is complex and increases the risk of errors and fraud. While database vendors offer key management functionality, this only works when the enterprise uses that vendor's specific databases.
CipherTrust Data Discovery and Classification
The crucial first step in compliance is to understand what constitutes sensitive data, where and how it is stored, and who can access it. Efficient scans enable you to build a strong foundation for your overall data privacy and security. No need to go to different vendors for disjointed solutions. Thales CipherTrust Data Discovery and Classification can efficiently locate most types of data across file servers and traditional databases including Oracle, IBM DB2 and Microsoft SQL Server.
CipherTrust Transparent Encryption
CipherTrust Transparent Encryption offers the capabilities you need to employ strong database encryption with minimal effort and performance implications. With CipherTrust Transparent Encryption, you can secure sensitive data in databases across your enterprise, whether you’re running Oracle, IBM DB2, Microsoft SQL Server, MySQL, Sybase, NoSQL environments, or any combination thereof.
CipherTrust Application Data Protection
For organizations that need to apply more granular encryption, including at the column or field level within databases, Thales offers CipherTrust Application Data Protection, which simplifies the integration of encryption into existing corporate applications. It uses standards-based APIs to perform cryptographic and key management operations. Users can choose between standards-based AES encryption and scheme-maintaining, format-preserving encryption (FPE).
CipherTrust Database Protection
CipherTrust Database Protection provides high-performance, column-level database encryption with an architecture that can provide high-availability to ensure that every database write and read happens at almost the speed of an unprotected database. databases with secure, centralized key management and without the need to alter database applications. Granular access controls ensure only authorized users or applications can view protected data. Granularity can be assured with a specific key for each column, and CipherTrust Manager provides a range of powerful access controls for each key while simultaneously assuring separation of duties, a crucial aspect of data security.
CipherTrust TDE Key Management
CipherTrust TDE Key Management provides lifecycle management for Oracle TDE Master Encryption Keys and Microsoft SQL Server database encryption keys to meet compliance and best practice requirements.
Database Protection Without Noticeable Performance Impact
Thales CipherTrust Data Security Platform solutions are highly scalable and offer protection of your database environment without compromising performance. CipherTrust Transparent Encryption has been field tested in performance-intensive environments, with proven scalability to support 50,000 cryptographic transactions per second.
Seamless Implementation
Thales CipherTrust Data Protection enables high-performance, column-level database encryption without changes to your applications, infrastructure, or business practices, and makes it simple to extend application-layer encryption across virtual, cloud, big data, and traditional environments.
Improved Compliance Posture
Thales CipherTrust Data Discovery and Classification provides data discovery and classification, risk assessment, rich visualizations and detailed reports that enables rapid identification of regulated data, highlights security risks, and help you uncover compliance gaps. This makes it easy for your organization to uncover and close privacy gaps, prioritize remediation, and make informed decisions about privacy concerns.
Database and Big Data Security - KuppingerCole Report
Discover the contents of this report as KuppingerCole rates all the market leaders in database and big data security solutions. With the average cost of a data breach reaching $4 million, companies face financial and reputational damages as well. High-profile “mega...
Download
A Common Platform For Database Encryption: Lower Cost, Reduced Risk - White Paper
Most enterprises rely on a diverse database infrastructure to meet specific business objectives, but this complexity increases risk and costs. With databases housing our most sensitive and highly regulated information, organizations need better database security strategies....
Download
CipherTrust Transparent Encryption - Product Brief
Safeguarding sensitive data requires much more than just securing a data center’s on-premises databases and files. The typical enterprise today uses three or more IaaS or PaaS providers, along with fifty or more SaaS applications, big data environments, container technologies,...
Download
Thales CipherTrust Data Discovery and Classification - Product Brief
The crucial first step in privacy and data protection regulatory compliance is to understand what constitutes sensitive data, where it is stored, and how it is used. If you don't know what sensitive data you have, where it is, and why you have it, you cannot apply effective...
Download
CipherTrust Database Protection - Product Brief
An organization’s most valuable data assets reside in databases and it is imperative to protect them from the devastating and lasting impact of data breaches. With a growing number of internal and external cyber threats, data protection provides a critical last line of defense...
Download
TDE Key Management - Solution Brief
Microsoft SQL Server and Oracle Database solutions provide native transparent database encryption (TDE) that protects the data stored in their customers’ enterprise and cloud-hosted databases. And, as with any encryption-based security scheme, securing and managing the...
Download
Protecting Sensitive Data In And Around An Oracle Database - White Paper
Enterprises storing sensitive data in an Oracle database need to consider the locations around the database where sensitive data might reside, even outside the direct control of the Database Administrators (DBAs).Learn about:Files surrounding the Oracle database which...
Download
Thales Database Protection Solutions - Solution Brief
In today’s enterprises, databases house some of the most highly sensitive, tightly regulated data—the very data that is sought after by malicious insiders and external attackers. Many well-publicized database attacks have occurred in recent years, exposing hundreds of millions...
Download