Get in contact with a Data Security Specialist
THALES GLOSSARY
What is Data Encryption?
Encryption transforms sensitive data (e.g., name, address) into an unreadable format known as ciphertext using a mathematical algorithm and a secret key. Encryption can only be reversed by authorized parties who possess the corresponding decryption key. Ciphertext can be a mixture of numbers, characters and symbols and typically requires more storage space than format-preserving tokens.
Enterprise data encryption with centralized control
Whether storing data in a physical data center, private or public cloud, or third‑party storage application, strong encryption and key management are essential to protect sensitive data.
Our CipherTrust Data Security Platform delivers enterprise data encryption for data at rest, in motion, and in use—combining transparent encryption, tokenization, and role‑based access controls across databases, applications, APIs, files, and storage containers. Centralized key management and a hardened root of trust help enterprises protect master keys and keep data secure.
What others are saying
Software Developer in the Software Industry gives CipherTrust Data Security Platform 5/5 Rating in Gartner Peer Insights™ Data Security Platforms Market
Software Developer in the Software Industry gives CipherTrust Data Security Platform 5/5 Rating in Gartner Peer Insights™ Data Security Platforms Market
Software Developer in the Software Industry gives CipherTrust Data Security Platform 5/5 Rating in Gartner Peer Insights™ Data Security Platforms Market
Enterprise-grade data encryption that scales with your business
Protect sensitive data everywhere with unified encryption, key management, and centralized controls across hybrid environments.
Comply with regulations
Meet global data protection and privacy requirements such as GDPR, HIPAA, and PCI DSS with encryption and key management designed to support audits, reporting, and policy enforcement—helping teams demonstrate compliance while reducing operational burden.
Reduce breach risk
Protect sensitive data from insider threats, ransomware, and compromised credentials with strong encryption and tokenization. Keep data protected even if attackers gain access, minimizing exposure and reducing the impact of security incidents.
Secure data on premises and across clouds
Apply consistent data protection across on‑premises, hybrid, and multi‑cloud environments. Eliminate security gaps as data moves between platforms, while maintaining control and flexibility to support modern enterprise architectures.
Streamline encryption operations
Simplify encryption management with a unified platform for keys, policies, and controls. Reduce complexity, eliminate silos, and scale data protection efficiently as environments, data volumes, and compliance demands expand.
Control data sprawl
Gain visibility into where sensitive data lives across structured and unstructured environments. Discover, classify, and monitor data to eliminate blind spots, reduce risk, and maintain control as data volumes and locations continue to grow.
Enforce access controls
Ensure only authorized users and applications can access sensitive data using role‑based access controls and centrally managed policies. Enforce least‑privilege access consistently to reduce misuse, insider risk, and unauthorized exposure.
Get Started
Enhance your security posture with enterprise-grade data encryption
Forrester Total Economic Impact of Thales CipherTrust Data Security Platform
Cost Savings and Business Benefits Enabled by the CipherTrust Data Security Platform
Prior to implementing CipherTrust Platform, we struggled with encrypting and tokenizing data spread across such a complex IT landscape, but CipherTrust Platform has made it possible to centralize all encryption and key management across all platforms.”
How organizations prevent data exposure with CipherTrust
Encrypt enterprise databases without application changes
Protect sensitive data stored in enterprise databases using CipherTrust Transparent Encryption, a data‑at‑rest encryption solution that secures database files without modifying applications or schemas. Maintain performance while protecting regulated and sensitive data.
Secure data exchanged through APIs and services
Protect sensitive data in motion as it flows between applications, services, and microservices using CipherTrust Application Data Protection. Secure API requests and responses without rewriting application code, ensuring encrypted data exchange across modern architectures.
Protect production data copied into non‑production environments
Prevent exposure when production data is copied into development, testing, analytics, or AI training environments. Use CipherTrust Transparent Encryption and CipherTrust Data Masking to protect sensitive data while supporting safe data reuse.
Publish usable datasets without exposing sensitive fields
Enable secure data sharing by removing sensitive information before datasets are distributed. Apply CipherTrust Data Masking and Redaction to permanently mask PII and confidential fields across databases, files, and analytics datasets.
Control access to cleartext data in shared systems
Limit who can view sensitive data in cleartext across enterprise databases and applications. Use CipherTrust Key Management and policy‑based controls to reveal, mask, or encrypt data based on user role, application, or context.
Security that integrates with your technology ecosystem
With one of the industry’s largest cyber security technology ecosystems, Thales solutions integrate with the most widely used technologies to protect and secure access to your mission-critical applications and data.
Explore the CipherTrust portfolio
CipherTrust Application Data Protection
Application Data Protection empowers developers to easily add application-level protection.
CipherTrust RESTful Data Protection
Simplify data protection and allow developers to call a data protection method without having to manage security themselves.
CipherTrust Data Protection Gateway
Protect RESTful web services and microservices with no change to code, ever.
CipherTrust Transparent Encryption
Data-at-rest, centralized key management, privileged user access control & detailed data access audit logging.
Related Resources
Key Features:
- Data Discovery and Classification: Automatically identifies and classifies sensitive data across your organization, helping you understand where your most valuable information resides and assess its risk.
- Transparent Encryption: Encrypts data at rest and in motion, protecting it from unauthorized access and breaches. The platform supports various encryption methods and standards.
- Database Encryption: Secures databases by encrypting sensitive data at the column or row level, preventing unauthorized access and data exposure.
- Tokenization: Replaces sensitive data with meaningless tokens, protecting it from unauthorized use and disclosure.
- Key Management: Centralizes and manages cryptographic keys, ensuring their security and preventing unauthorized access.
- Access Controls: Enforces granular access controls to restrict access to sensitive data based on user roles, permissions, and location.
- Compliance: Helps organizations meet regulatory requirements like GDPR, HIPAA, and PCI DSS by providing tools for data discovery, classification, and protection.
- Cloud Security: Provides solutions for securing data in cloud environments, including cloud-native encryption and key management.
Benefits:
- Enhanced Data Security: Protects sensitive data from unauthorized access, breaches, and data loss.
- Improved Compliance: Helps organizations meet regulatory requirements and avoid fines.
- Reduced Risk: Mitigates the risk of data breaches and their associated costs.
- Increased Efficiency: Streamlines data security operations and reduces the burden on IT teams.
- Centralized Management: Provides a unified platform for managing data security across various environments.
- Scalability: Easily scales to accommodate growing data volumes and complexity.
CipherTrust Platform is managed through a centralized management console. The management console provides a user-friendly interface for administrators to:
- Configure Policies: Define data protection policies, including classification criteria, access controls, encryption settings, and DLP rules.
- Monitor Activity: Track the platform's performance, monitor data access and usage patterns, and identify potential security threats.
- Manage Keys: Generate, store, and manage cryptographic keys used for encryption and decryption.
- Generate Reports: Create customized reports to track compliance, identify trends, and assess the effectiveness of data protection measures.
- Integrate with Other Systems: Connect CipherTrust with other security systems, such as identity and access management (IAM) solutions, to provide a comprehensive approach to data protection.
CipherTrust Platform data is stored in a secure, encrypted repository. This repository can be located on-premises, in the cloud, or in a hybrid environment, depending on your organization's specific needs and deployment model. The exact location of the data repository will depend on the components and features you are using.
CipherTrust Platform is designed to help organizations meet various compliance regulations by providing tools and features for data discovery, classification, protection, and monitoring. Some of the key compliance regulations that CipherTrust can help address include:
- General Data Protection Regulation (GDPR): CipherTrust offers features for data discovery, classification, and access controls that can help organizations comply with GDPR requirements for data protection and privacy.
- Health Insurance Portability and Accountability Act (HIPAA): CipherTrust can help healthcare organizations protect patient data by providing tools for data encryption, access controls, and compliance monitoring.
- Payment Card Industry Data Security Standard (PCI DSS): CipherTrust can help organizations that handle credit card data comply with PCI DSS requirements by providing features for data encryption, access controls, and vulnerability management.
- California Consumer Privacy Act (CCPA): CipherTrust can help organizations operating in California comply with CCPA requirements by providing tools for data discovery, access controls, and data deletion.
CipherTrust Platform installation can vary in complexity depending on specific components, deployment scenarios, and your organization's existing infrastructure. Thales provides detailed installation guides and support.
Factors that can influence the installation complexity include:
- Deployment Model: Installing CipherTrust in a complex, hybrid environment may require more technical expertise than a simple on-premises deployment.
- Integration with Existing Systems: Integrating CipherTrust with your existing infrastructure, such as databases, applications, and network devices, can add complexity to the installation process.
- Customization: Customizing the platform to meet your organization's specific needs may require additional configuration and testing.