Cyber security on a single platform

CipherTrust Data Security Platform enables businesses to discover, protect and control sensitive data anywhere on a single platform.

  • Monday, 21st September 2020 Posted 4 years ago in by Phil Alsop
Thales has launched the CipherTrust Data Security Platform, said to be the industry’s first unified data protection solution that enables organisations to discover, protect, and control their most sensitive data wherever it resides. The new platform helps solve key challenges they face today. These include data security complexity caused by multi-cloud adoption, evolving global and regional privacy regulations, as well as the risk of data breaches from external and internal threats.


Drawing from years of data protection innovation, Thales has built the CipherTrust Data Security Platform to seamlessly unify data discovery, classification and data protection, along with strong access controls and centralised key management. The ‘all-in-one’ platform combines the best of Thales’s Vormetric and SafeNet KeySecure technologies to give organisations the power to keep sensitive data secure on premises or in the cloud while reducing costs and maintaining the highest levels of compliance assurance.

 

“CipherTrust Data Security Platform unifies the most critical elements of data security – data discovery, protection and control – into one integrated platform, providing powerful tools to address the evolving global and regional privacy regulations as well as the uptick of cloud adoption intensified by remote working,” said Todd Moore, Vice President, Encryption Solutions, Thales. “In addition to the external challenges of data protection, our new platform also helps reduce the operational complexities many organisations face, especially as businesses work to recover from the effects of the COVID-19 pandemic. This evolution of security through simplicity is exactly what organisations require now and for the future.”

 

Solving the Complexity Problem

 

Highly-distributed workforces, evolving regulations and technologies, infinite data growth and the exploding use of multi-cloud services puts sensitive data at risk, and makes data security even more challenging. According to the 2020 Thales Data Threat Report - Global Edition, organisations use 29 different cloud services on average. Lack of visibility and operational complexity has resulted in organisations not knowing where all of their sensitive data is stored. This concern around complexity (identified as the number one barrier to security by nearly 40% of the 2020 Thales Data Threat Report-Global Edition respondents) is simplified with the CipherTrust Data Security Platform.

 

“Complexity is one of the main barriers to deploying data security more broadly, in part because overall data security remains fairly specialised and siloed, forcing enterprises to manage multiple vendors and point products,” said Garrett Bekker, Senior Research Analyst, Information Security at 451 Research, part of S&P Global Market Intelligence, in the report, ‘Thales unites KeySecure and Vormetric product lines under CipherTrust Data Security Platform.’ “With the launch of CipherTrust Data Security Platform, Thales is looking to simplify the delivery of data security with one of the broadest data security portfolios in the market, spanning most flavours of encryption (application, database, server, file), vaulted and vaultless tokenisation, masking, key management, cloud key management, and HSMs and most recently, data discovery.”

 

Discover and classify sensitive data in the cloud and on-premises

 

As more enterprise applications and data move to the cloud and companies seek to improve scalability and deliver remote capabilities for their workforce, IT organisations will be challenged to have a holistic view of their data. As part of the platform, CipherTrust Data Discovery and Classification enables organisations to discover and classify sensitive data, as well as remediate, from a single pane of glass. Organisations can understand risks, uncover gaps, and make better decisions about both third-party data sharing and cloud migration. In addition, the solution provides a comprehensive set of built-in classification templates for commonly requested data privacy and security regulations, such as the GDPR and California Consumer Privacy Act (CCPA), but is flexible enough to handle custom policies based on specific patterns and algorithms.

 

Protect sensitive data anywhere with advanced encryption and tokenisation

 

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud. To address the complexity of where data is stored, the CipherTrust Data Security Platform offers strong capabilities for securing and controlling access to sensitive data in databases, files and containers. Specific technologies include:

  • CipherTrust Transparent Encryption – encrypts data across on-premises, cloud, database, file, and Big Data environments with comprehensive data access controls and detailed data access audit logging that can stop the most malicious attacks;
  • CipherTrust Database Protection – provides transparent column-level encryption of structured, sensitive data residing in databases, such as credit card, social security numbers, national ID numbers, passwords and email addresses;
  • CipherTrust Application Data Protection – offers APIs for developers to quickly add encryption and other crypto functions to their applications, while SecOps controls the encryption keys;
  • CipherTrust Tokenisation – offers application-level data tokenisation services in two convenient solutions that deliver customer flexibility--Vaultless Tokenisation with policy-based Dynamic Data Masking and Vaulted Tokenisation; and
  • CipherTrust Batch Data Transformation – provides static data masking services to remove sensitive data from production databases so compliance and security concerns are alleviated when sharing a database with third parties for analytics, testing, or other processing.

 

Control and centralise management of encryption keys

 

The accelerated adoption of encryption has led to the need to manage a far larger number of encryption keys across traditional data stores and multiple cloud environments. Proper management of encryption keys is paramount for data security because if keys are stolen, the encryption is rendered useless, and if they are lost the data is digitally shredded and cannot be recovered. This is why many organisations struggle with managing different key management solutions. CipherTrust Data Security Platform’s enterprise key management enables businesses to centrally manage and establish strong controls over encryption keys and policies for data encrypted on-premises and by cloud services. Specific technologies include:

  • CipherTrust Manager centralises keys, management and data access policies for all CipherTrust Data Security Platform products and is available in both physical and virtual form factors that are up to FIPS 140-2 Level 3 compliant;
  • CipherTrust Cloud Key Manager offers cloud bring you own key (BYOK) life cycle management for many Infrastructure, Platform- and Software as a Service cloud providers;
  • CipherTrust KMIP Servercentralises key management for the standard Key Management Interoperability Protocol (KMIP) commonly used across storage solutions; and,
  • CipherTrust TDE Key Manager – centralises key management for encryption found in Oracle, SQL, and Always Encrypted SQL.