Thales banner

Database Security

CipherTrust Database Protection

While there are many ways to protect sensitive data in databases, IT requirements for performance, availability and security can sometimes clash: will this security feature compromise database read and write performance? Can I be certain that the encryption key will always be available for fast read performance? Finding the balance between database security, availability and performance can lead to a close examination of which columns of the database contain sensitive data that must be protected versus those that might not. And this leads to the possibility of seeking a solution with column-level encryption granularity. CipherTrust Database Protection was formerly known as SafeNet ProtectDB

For your database security needs, consider CipherTrust Database Protection, a solution that can provide high-performance, column-level database encryption with an architecture that can provide high-availability to ensure that every database write and read happens at almost the speed of an unprotected database.

CipherTrust Data Protection Diagram


  • Benefits
  • Features
  • Specifications


  • Transparent encryption of sensitive database content on a per-column basis.


  • Gain security without expanding your workload.

High Performance Architecture

  • Choose where encryption is performed to match your requirements and infrastructure.


  • Meet compliance mandates, such as PCI-DSS and HIPAA, that require data encryption and separation of duties.

Transparent Pprotection is delivered using native database triggers and views. The effect: no application changes are required for read or write activities.

Granular access controls ensure only authorised users or applications can view protected data. Granularity can be assured with a specific key for each column, and CipherTrust Manager provides a range of powerful access controls for each key while simultaneously assuring separation of duties, a crucial aspect of data security. A downstream effect of these controls is prevention of database administrators gaining access to encrypted data.

Built-in key rotation and data rekeying enables you to gain security with the possibility of actually reducing your workload for higher aggregate IT efficiency.

Cloud-friendly software you can deploy on-premises and in private or public cloud environments and Chef recipes get the solution up and running fast.

Databases Supported

  • Oracle
  • IBM DB2
  • Microsoft SQL server
  • Teradata

Database Server Supported Operating Systems

  • Microsoft Windows
  • Linux
  • Solaris
  • HP-UX
  • AIX

Encryption Algorithms

  • AES
  • 3DES
  • Format-Preserving Encryption (FPE) (select data types)

Related resources

CipherTrust Database Protection - Product Brief

CipherTrust Database Protection - Product Brief

An organization’s most valuable data assets reside in databases and it is imperative to protect them from the devastating and lasting impact of data breaches. With a growing number of internal and external cyber threats, data protection provides a critical last line of defense...

CipherTrust Data Security Platform - Data Sheet

CipherTrust Data Security Platform - Data Sheet

As security breaches continue to happen with alarming regularity and data protection compliance mandates get more stringent, your organization needs to extend data protection across more environments, systems, applications, processes and users. With the CipherTrust Data...

Database and Big Data Security - Report

Database and Big Data Security - KuppingerCole Report

Discover the contents of this report as KuppingerCole rates all the market leaders in database and big data security solutions.  With the average cost of a data breach reaching $4 million, companies face financial and reputational damages as well. High-profile “mega-breaches”...