Default banner

Database Security

CipherTrust Database Protection

While there are many ways to protect sensitive data in databases, IT requirements for performance, availability and security can sometimes clash: will this security feature compromise database read and write performance? Can I be certain that the encryption key will always be available for fast read performance? Finding the balance between database security, availability and performance can lead to a close examination of which columns of the database contain sensitive data that must be protected versus those that might not. And this leads to the possibility of seeking a solution with column-level encryption granularity. CipherTrust Database Protection was formerly known as SafeNet ProtectDB

For your database security needs, consider CipherTrust Database Protection, a solution that can provide high-performance, column-level database encryption with an architecture that can provide high-availability to ensure that every database write and read happens at almost the speed of an unprotected database.

CipherTrust Data Protection Diagram

 

  • Benefits
  • Features
  • Specifications

Security

  • Transparent encryption of sensitive database content on a per-column basis.

Efficiency

  • Gain security without expanding your workload.

High Performance Architecture

  • Choose where encryption is performed to match your requirements and infrastructure.

Compliance

  • Meet compliance mandates, such as PCI-DSS and HIPAA, that require data encryption and separation of duties.

Transparent Protection is delivered using native database triggers and views. The effect: no application changes are required for read or write activities.

Granular access controls ensure only authorized users or applications can view protected data. Granularity can be assured with a specific key for each column, and CipherTrust Manager provides a range of powerful access controls for each key while simultaneously assuring separation of duties, a crucial aspect of data security. A downstream effect of these controls is prevention of database administrators gaining access to encrypted data.

Built-in, key rotation and data rekeying enables you to gain security with the possibility of actually reducing your workload for higher aggregate IT efficiency.

Cloud-friendly software you can deploy on-premises and in private- or public cloud environments and Chef recipes get the solution up and running fast.

Databases Supported

  • Oracle
  • IBM DB2
  • Microsoft SQL Server
  • Teradata

Database Server Supported Operating Systems

  • Microsoft Windows
  • Linux
  • Solaris
  • HP-UX
  • AIX

Encryption Algorithms

  • AES
  • 3DES
  • Format-Preserving Encryption (FPE) (Select data types)