Reduce the risk of a breach with Thales database encryption and key management solutions
The Vormetric Data Security Platform and nShield HSMs from Thales eSecurity enable enterprises to protect their most sensitive data from both internal and external threats, and comply with data protection mandates. Compared to native database encryption tools for both on-premises and cloud database environments, Thales solutions provide advantages in terms of both cost and efficiency.
Databases represent a central aggregation point—and a focal point for thieves. Your databases, whether on-premises or in the cloud, hold the data that matters to your business and that is prized by would-be attackers.
Insufficient security controls expose your organization to fraud and data breaches. For example, when key management is handled within the database, the DBA has control of both the data and key. Database encryption solutions often disregard the potential for insider abuse, as well as advanced persistent threats, where an attacker imitates a privileged user.
As database environments expand, so do key management challenges. While database vendors offer key management functionality, this only works when the enterprise uses that vendor's specific databases. Using multiple key management tools is complex and creates more opportunities for errors and fraud.
Vormetric Transparent Encryption offers the capabilities you need to employ strong database encryption, with minimal effort and performance implications. With Vormetric Transparent Encryption, you can secure sensitive data in databases across your enterprise, whether you’re running Oracle, IBM DB2, Microsoft SQL Server, MySQL, Sybase, NoSQL environments, or any combination thereof.
For organizations that need to apply more granular encryption, including at the column or field level within databases, Thales offers Vormetric Application Encryption. Vormetric Application Encryption simplifies the integration of encryption into existing corporate applications and features standard-based APIs, which are used to perform cryptographic and key management operations. Users can choose between standards-based AES encryption and scheme maintaining format preserving encryption (FPE).
For environments that require higher levels of security, nShield hardware security modules (HSMs) deliver FIPS-certified protection for your database keys. Whether you’re using the Thales eSecurity DSM 6100 with an embedded nShield Solo or a stand-alone nShield HSM, nShield helps you meet your needs for high assurance security and compliance. With three different form factors, nShield HSMs serve environments ranging from desktop databases, to single-server databases, to database applications distributed across a network—all while safeguarding keys in a hardened solution.
Thales database encryption solutions are highly scalable and offer protection of your database environment without compromising performance. Our database encryption has been field-tested in the most performance-intensive environments, with proven scalability to support 50,000 cryptographic transactions per second.
Thales enables database encryption without having to make changes to your applications, infrastructure, or business practices, and makes it simple to extend application-layer encryption across virtual, cloud, big data and traditional environments.
The security intelligence built into Vormetric Transparent Encryption provides vital insights needed to track and demonstrate compliance with mandates such as HIPAA, PCI DSS, GLBA, SOX and others.
In today’s enterprises, databases house some of the most highly sensitive, tightly regulated data—the very data that is sought after by malicious insiders and external attackers. To safeguard against the kinds of database attacks that have dominated security headlines recently, organizations are increasingly implementing strong database encryption strategies.
Download this solution brief to learn how Thales can help you protect your critical data against both insider and external threats.
Download
Most enterprises rely on a diverse database infrastructure to meet specific business objectives, but this complexity increases risk and costs. With databases housing our most sensitive and highly regulated information, organizations need better database security strategies.
Download
Microsoft SQL Server and Oracle Database solutions provide native transparent database encryption (TDE) that protects the data stored in their customers’ databases. Managing the TDE keys presents challenges such as isolating them from the assets they protect and storing them securely. Thales key management solutions centralize key management for Microsoft SQL Server and Oracle Database, providing greater command over the keys while increasing data security.
Download
Vormetric Transparent Encryption delivers data-at-rest encryption, privileged user access controls and security intelligence logs to proactively meet compliance reporting requirements for structured databases and unstructured files. With Vormetric Transparent Encryption, IT and security professionals can efficiently safeguard more data, in more environments, and against more threats as sensitive data moves into cloud deployments, big data platforms, virtualized systems and more.
Download
Vormetric Application Encryption reduces the complexity and costs associated with meeting this requirement, simplifying the process of adding encryption capabilities to existing applications. This architecture paper goes into detail of the security model, best practices, APIs, and offers a sample application encryption library.
Download
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about.Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We selected Thales HSMs to provide robust security, unmatched performance and superior scalability across our payment security platforms, protecting encryption keys from virtually any attack. This helps Verifone to continue reducing merchants’ growing exposure to data breaches and cyber criminals and more aggressively safeguard consumer information… Joe Majka,Chief Security Officer
The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place.Joseph Johnson,chief information security officer CHS
My concern with encryption was the overhead on user and application performance. With Thales eSecurity, people have no idea it’s even running.Karl MudraCIO
Delta Dental of Missouri
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs.David VargasInformation Security Architect
Cadence Design Systems
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data.Audley Deansenior director of Information Security,
BMC Software
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly.Christian MuusDirector of Security for Teleperformance EMEA
Thales eSecurity is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales eSecurity.Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
