Even if a cyber-criminal is able to obtain a user id and password to gain access to your database, the sensitive data will remain protected.
Even if you give them the AES_256 Key, they still won't be able to decrypt the data, and encryption is only one part of the many layers of code that are employed to protect the data.
A brief explanation of what our software does.
Our Software has one job, and one job only. To Protect your data.
The following images show how our process works in a nutshell:
Our process is database independent, because all it does is package the sensitive or PII data for the
calling third party application, which will then insert the data into the database. Our software doesn’t
even know that there is a database out there or that it is prepping data for insertion or unpackaging
data from a database retrieval. As far as the software is concerned, the application which is interacting
with it could be requesting data to be packaged so that it could be inserted into an Excel spreadsheet or
written to a text file.
Our software also doesn't care if you are passing one field to it to be processed or many fields. It doesn't need to know if you
are passing it a routing number, a first name, or instructions on how to bake cookies.
Traditional database protection includes encryption of the entire database as a whole.
Additional protection can be added through adding permissions and various rights to different users.
These rights can be at the table level, or even down to the column level. Encryption can even be applied
to the table or column(s) level. But once the encryption is broken, the data in the database, in the
tables, in the individually protected columns is exposed. A column that has additional encryption
protection and contains credit card numbers, once broken into, has those credit card numbers nicely
Additionally, this encryption involves key management which is either handled by the Database
Administrator, or by the IT Security Team. The IT Security Team has to depend on the Database
Administrator to handle the key management implementation since they are not authorized to touch
the database. Our software handles its own key management independently of the key management of
the database encryption. Even if a cybercriminal gets through all of the encryption that is associated
specifically with the database, our encryption is independent of this. Our encryption will still be intact
and if they get through that, there are multiple levels of translation and decoding/encoding that
protects the data.
Our software protects the data beyond encryption, and our protection is independent of the defenses
that are being used to protect the database. Our software has a very strong and powerful engine beneath the encryption process. This software solution can protect data down to the
individual column/cell level. But unlike just protecting a column of credit card numbers, it protects a
collection of sensitive or PII data beyond mere encryption. It makes the data unusable to a
cybercriminal regardless of how they get in.
If you are interested in pursuing this offering, please contact Brian Mazar at (800) 248-0615 or email@example.com and request an NDA to receive a full package of information.
Please download our white paper for more information and to see how our software is different from other encryption software on the market.
It is time to start protecting the data and not just the database!