Thales CipherTrust Data Security Platform: Easy discovery, protection and control of sensitive data
Thales announced the launch of the CipherTrust Data Security Platform, a unified data protection solution that enables organizations to discover, protect, and control their most sensitive data wherever it resides.
The new platform helps solve key challenges they face today. These include data security complexity caused by multi-cloud adoption, evolving global and regional privacy regulations, as well as the risk of data breaches from external and internal threats.
Drawing from years of data protection innovation, Thales has built the CipherTrust Data Security Platform to seamlessly unify data discovery, classification and data protection, along with strong access controls and centralised key management.
The ‘all-in-one’ platform combines the best of Thales’s Vormetric and SafeNet KeySecure technologies to give organizations the power to keep sensitive data secure on premises or in the cloud while reducing costs and maintaining the highest levels of compliance assurance.
“CipherTrust Data Security Platform unifies the most critical elements of data security – data discovery, protection and control – into one integrated platform, providing powerful tools to address the evolving global and regional privacy regulations as well as the uptick of cloud adoption intensified by remote working,” said Todd Moore, Vice President, Encryption Solutions, Thales.
“In addition to the external challenges of data protection, our new platform also helps reduce the operational complexities many organizations face, especially as businesses work to recover from the effects of the COVID-19 pandemic. This evolution of security through simplicity is exactly what organizations require now and for the future.”
Solving the complexity problem
Highly-distributed workforces, evolving regulations and technologies, infinite data growth and the exploding use of multi-cloud services puts sensitive data at risk, and makes data security even more challenging. According to the 2020 Thales Data Threat Report – Global Edition, organizations use 29 different cloud services on average.
Lack of visibility and operational complexity has resulted in organizations not knowing where all of their sensitive data is stored. This concern around complexity (identified as the number one barrier to security by nearly 40% of the 2020 Thales Data Threat Report-Global Edition respondents) is simplified with the CipherTrust Data Security Platform.
Discover and classify sensitive data in the cloud and on-premises
As more enterprise applications and data move to the cloud and companies seek to improve scalability and deliver remote capabilities for their workforce, IT organizations will be challenged to have a holistic view of their data.
As part of the platform, CipherTrust Data Discovery and Classification enables organizations to discover and classify sensitive data, as well as remediate, from a single pane of glass. Organizations can understand risks, uncover gaps, and make better decisions about both third-party data sharing and cloud migration.
In addition, the solution provides a comprehensive set of built-in classification templates for commonly requested data privacy and security regulations, such as the GDPR and California Consumer Privacy Act (CCPA), but is flexible enough to handle custom policies based on specific patterns and algorithms.
Protect sensitive data anywhere with advanced encryption and tokenisation
According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.
To address the complexity of where data is stored, the CipherTrust Data Security Platform offers strong capabilities for securing and controlling access to sensitive data in databases, files and containers. Specific technologies include:
- CipherTrust transparent encryption – encrypts data across on-premises, cloud, database, file, and Big Data environments with comprehensive data access controls and detailed data access audit logging that can stop the most malicious attacks,
- CipherTrust database protection – provides transparent column-level encryption of structured, sensitive data residing in databases, such as credit card, social security numbers, national ID numbers, passwords and email addresses,
- CipherTrust application data protection – offers APIs for developers to quickly add encryption and other crypto functions to their applications, while SecOps controls the encryption keys,
- CipherTrust tokenisation – offers application-level data tokenisation services in two convenient solutions that deliver customer flexibility–Vaultless Tokenisation with policy-based Dynamic Data Masking and Vaulted Tokenisation and,
- CipherTrust batch data transformation – provides static data masking services to remove sensitive data from production databases so compliance and security concerns are alleviated when sharing a database with third parties for analytics, testing, or other processing.
Control and centralise management of encryption keys
The accelerated adoption of encryption has led to the need to manage a far larger number of encryption keys across traditional data stores and multiple cloud environments.
Proper management of encryption keys is paramount for data security because if keys are stolen, the encryption is rendered useless, and if they are lost the data is digitally shredded and cannot be recovered. This is why many organizations struggle with managing different key management solutions.
CipherTrust Data Security Platform’s enterprise key management enables businesses to centrally manage and establish strong controls over encryption keys and policies for data encrypted on-premises and by cloud services. Specific technologies include:
- CipherTrust Manager – centralises keys, management and data access policies for all CipherTrust Data Security Platform products and is available in both physical and virtual form factors that are up to FIPS 140-2 Level 3 compliant,
- CipherTrust Cloud Key Manager – offers cloud bring you own key (BYOK) life cycle management for many Infrastructure, Platform- and Software as a Service cloud providers,
- CipherTrust KMIP Server – centralises key management for the standard Key Management Interoperability Protocol (KMIP) commonly used across storage solutions and,
- CipherTrust TDE Key Manager – centralises key management for encryption found in Oracle, SQL, and Always Encrypted SQL.