CipherTrust Application Data Protection offers simple-to-use, powerful software tools for application-level key management and encryption of sensitive data. The solution is flexible enough to encrypt nearly any type of data passing through an application. Applicate-layer data protection can provide the highest level of security, as it can take place immediately upon data creation or first processing and can remain encrypted regardless of its data life cycle state – during transfer, use, backup or copy. CipherTrust Application Data Protection can be deployed in physical, private or public cloud infrastructure to secure data even when it is migrating from one environment to another, without any modifications to existing encryption or data processing policies.
CipherTrust Application Data Protection is deployed with CipherTrust Manager, an architecture that centralizes key and policy management across multiple applications, environments, or sites. The combined solution provides granular access controls that separate administrative duties from data and encryption key access. For example, a policy can be applied to ensure that no single administrator can make a critical configuration change without additional approval.
CipherTrust Application Data Protection from Thales CPL is available for sale to the U.S. Federal Government exclusively through Thales TCT.
Centralized key management
Centralized key management enables developers to add security to applications, free from complex and risky alternative key management stores.
Accelerate Secure Application Development
With APIs for both PKCS#11 and KMIP and bindings for Java, C/C++, .NET and REST, more developers gain a faster start and can leverage the solution for more data protection use cases.
Leverage the cloud with utmost security
Architecture is both IaaS- and PaaS friendly, with keys that cloud administrators cannot access.
Offload crypto processing from application hosts
Leveraging CipherTrust Manager power cryptographic performance, simple configuration tells the archtecture to encrypt there, saving application server CPU cycles.
Broad Key Support
The solution offers both symmetric and asymmetric keys to cover a vast range of use cases.
Many Architecture Choices
The solution offers development flexibility, provided with a range of architecture and API choices. Developers can choose RESTful APIs to limit deployment footprint, leveraging both key management and crypto operations occurring on CipherTrust Manager. In addition, installable development libraries and APIs are available. Finally, another lightweight deployment option is to install the encryption and key management libraries on a web server and access them from an application server using SOAP or REST APIs.
Automated Key Rotation
CipherTrust Application Data Protection features built-in, automated key rotation, and offers a wide range of cryptographic operations including encryption, decryption, digital signing and verification, secure hash algorithms (SHA), and hash-based message authentication code (HMAC).
Rich Ecosystem of Solutions
CipherTrust Application Data Protection provides key management and/or encryption services for a formidable ecosystem of solutions including Linux Unified Key Management (LUCKS) and key management for Transparent Database Encryption (TDE) vendors including Oracle, Microsoft SQL Server, and HashiCorp Vault, among many others.
Development Libraries and APIs
Web Application Servers
Cloud and Virtual Infrastructures
Supported Platforms for ICAPI Provider