Thales banner

Database Security

CipherTrust Database Protection

While there are many ways to protect sensitive data in databases, IT requirements for performance, availability and security can sometimes clash: will this security feature compromise database read and write performance? Can I be certain that the encryption key will always be available for fast read performance? Finding the balance between database security, availability and performance can lead to a close examination of which columns of the database contain sensitive data that must be protected versus those that might not. And this leads to the possibility of seeking a solution with column-level encryption granularity. CipherTrust Database Protection was formerly known as SafeNet ProtectDB

For your database security needs, consider CipherTrust Database Protection, a solution that can provide high-performance, column-level database encryption with an architecture that can provide high-availability to ensure that every database write and read happens at almost the speed of an unprotected database.

CipherTrust Data Protection Diagram


  • Benefits
  • Features
  • Specifications


  • Transparent encryption of sensitive database content on a per-column basis.


  • Gain security without expanding your workload.

High Performance Architecture

  • Choose where encryption is performed to match your requirements and infrastructure.


  • Meet compliance mandates, such as PCI-DSS and HIPAA, that require data encryption and separation of duties.

Transparent Protection is delivered using native database triggers and views. The effect: no application changes are required for read or write activities.

Granular access controls ensure only authorized users or applications can view protected data. Granularity can be assured with a specific key for each column, and CipherTrust Manager provides a range of powerful access controls for each key while simultaneously assuring separation of duties, a crucial aspect of data security. A downstream effect of these controls is prevention of database administrators gaining access to encrypted data.

Built-in, key rotation and data rekeying enables you to gain security with the possibility of actually reducing your workload for higher aggregate IT efficiency.

Cloud-friendly software you can deploy on-premises and in private- or public cloud environments and Chef recipes get the solution up and running fast.

Databases Supported

  • Oracle
  • IBM DB2
  • Microsoft SQL Server
  • Teradata

Database Server Supported Operating Systems

  • Microsoft Windows
  • Linux
  • Solaris
  • HP-UX
  • AIX

Encryption Algorithms

  • AES
  • 3DES
  • Format-Preserving Encryption (FPE) (Select data types)

Related Resources

CipherTrust Database Protection - Product Brief

CipherTrust Database Protection - Product Brief

An organization’s most valuable data assets reside in databases and it is imperative to protect them from the devastating and lasting impact of data breaches. With a growing number of internal and external cyber threats, data protection provides a critical last line of defense...

CipherTrust Data Security Platform - Data Sheet

CipherTrust Data Security Platform - Data Sheet

The CipherTrust Data Security Platform (CDSP) increases data security, accelerates time to compliance, and secures cloud migration – which decreases resources required for data security operations. You can discover, protect and control your organization’s sensitive data to...

Database and Big Data Security - Report

Database and Big Data Security - KuppingerCole Report

Discover the contents of this report as KuppingerCole rates all the market leaders in database and big data security solutions.  With the average cost of a data breach reaching $4 million, companies face financial and reputational damages as well. High-profile “mega-breaches”...