NoSQL databases (aka 'non SQL' or 'not only SQL') are databases that store data in a format other than relational tables. NoSQL databases emerged in the late 2000s as the cost of storage dramatically decreased. Developers (rather than storage) were becoming the primary cost of software development, so NoSQL databases optimised developer productivity.
As businesses rapidly adopt cloud computing, NoSQL databases gives them the flexibility to scale-out and scale-up their applications and extract insights from their data to drive competitive advantage.
Organisations still need to protect sensitive data and intellectual property stored in NoSQL databases and comply with privacy or regulatory mandates, or simply protect the business’ brand against reputational damage. The CipherTrust Data Security Platform enables you to encrypt and secure sensitive assets in your NoSQL databases, while avoiding the challenges traditionally associated with this form of encryption.
Cybercriminals Target NoSQL Databases
Many enterprises that take advantage of Big Data employ NoSQL databases. And, as you might expect, cyber criminals are targeting these databases to steal sensitive data stored in them.
Administrative Complexity across multiple Data Stores
Administrators are faced with a complex and costly task of managing disparate encryption keys for many different databases accumulated over time from separate vendors. They have to factor in the cost of administrative resources required to manage multiple incompatible encryption solutions across SQL and NoSQL databases.
Operational Inefficiencies of Key Management
Managing encryption keys for each data repository and manual systems to store and transmit encryption keys, lack of password control and centralised ways to revoke keys when employees leave creates operational inefficiencies and result in data breaches.
CipherTrust Transparent Encryption
CipherTrust Transparent Encryption delivers data at rest encryption, privileged user access controls and detailed data access audit logging, with no changes to applications and minimal performance implications. It protects data in NoSQL databases on Windows, AIX and Linux OSs across physical and virtual servers, in cloud and big data environments.
CipherTrust Application Data Protection
For organisations that need to apply more granular database protection at the column or field level, CipherTrust Application Data Protection, which provides developer friendly APIs to perform encryption and key management operations.
For enterprises that have chosen to use NoSQL databases, Thales offers centralised key management with CipherTrust Manager. It centrally manages keys for NoSQL database environments, in addition to managing keys for Key Management Interoperability Protocol (KMIP) clients. It simplifies centralised management of key lifecycle, access policies and auditing changes.
Encryption for all Enterprise Databases
While SQL Server TDE can manage keys and protect data in Microsoft SQL Server databases, CipherTrust TDE Key Management can manage keys and provide database encryption across multiple databases – Oracle, IBM DB2, MySQL, NoSQL and Sybase. Thales’ CipherTrust Encryption solutions can secure databases on Windows, Linux and AIX operating systems, and offers coverage for physical, virtual and cloud-based environments.
CipherTrust Manager offers a single unified console to centrally manage cryptographic keys and policies across multiple database environments, to minimise administrative overheads. With broad coverage of database solutions, the CipherTrust platform enables customers to reduce cost and avoid complexity of managing multiple database encryption silos.
Scalable and Flexible
The CipherTrust platform offers multiple products – CipherTrust Manager to manage TDE keys across databases from multiple vendors, CipherTrust Transparent Encryption to encrypt data at the file-system or volume level without modifying applications. The CipherTrust platform uses hardware level encryption technology built into Intel AES-NI chips that offer significant performance improvements for file encryption/decryption operations.