Skip Navigation

CipherTrust Database Protection

While there are many ways to protect sensitive data in databases, IT requirements for performance, availability and security can sometimes clash: will this security feature compromise database read and write performance? Can I be certain that the encryption key will always be available for fast read performance? Finding the balance between security, availability and performance can lead to a close examination of which columns of the database contain sensitive data that must be protected versus those that might not. And this leads to the possibility of seeking a solution with column-level protection encryption granularity.

For your database security needs, consider CipherTrust Database Protection, a solution that can provide high-performance, column-level database encryption with an architecture that can provide high-availability to ensure that every database write and read happens at almost the speed of an unprotected database.

CipherTrust Database Protection from Thales CPL is available for sale to the U.S. Federal Government exclusively through Thales TCT.

  • Benefits


    • Transparent encryption of sensitive database content on a per-column basis.


    • Gain security without expanding your workload.

    High Performance Architecture

    • Choose where encryption is performed to match your requirements and infrastructure.


    • Meet compliance mandates, such as PCI-DSS and HIPAA, that require data encryption and separation of duties.
  • Features

    Transparent Protection is delivered using native database triggers and views. The effect: no application changes are required for read or write activities.

    Granular access controls ensure only authorized users or applications can view protected data. Granularity can be assured with a specific key for each column, and CipherTrust Manager provides a range of powerful access controls for each key while simultaneously assuring separation of duties, a crucial aspect of data security. A downstream effect of these controls is prevention of database administrators gaining access to encrypted data.

    Built-in, key rotation and data rekeying enables you to gain security with the possibility of actually reducing your workload for higher aggregate IT efficiency.

    Cloud-friendly software you can deploy on-premises and in private- or public cloud environments and Chef recipes get the solution up and running fast.

  • Specifications

    Databases Supported

    • Oracle
    • IBM DB2
    • Microsoft SQL Server
    • Teradata

    Database Server Supported Operating Systems

    • Microsoft Windows
    • Linux
    • Solaris
    • HP-UX
    • AIX

    Encryption Algorithms

    • AES
    • 3DES
    • Format-Preserving Encryption (FPE) (Select data types)

This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.