As data breaches continue at alarming rates, securing sensitive data is critical to all organizations. In addition, organizations struggle to stay compliant with evolving privacy regulations, and securing the cloud in the face of accelerated adoption brought on by the new demand to support tremendous number of remote employees. IT security organizations seek a data-centric solution that secures the data as it moves from networks to applications and the cloud. When perimeter network controls and endpoint security measures fail, protecting data at rest is the last line of defense.
The CipherTrust Data Security Platform removes complexity from data security, accelerate time to compliance, and secure cloud migrations. It is built on a modern micro-services architecture, is designed for the cloud, includes Data Discovery and Classification, and fuses together the best capabilities from the Vormetric Data Security Platform and KeySecure and connector products. CipherTrust Data Security Platform unifies data discovery, classification, data protection, and unprecedented granular access controls with centralized key management – all on a single platform. This results in less resources dedicated to data security operations, ubiquitous compliance controls, and significantly reduced risk across your organization.
CipherTrust Data Security Platform is available for sale to the U.S. Federal Government exclusively through Thales TCT.
The CipherTrust Data Security Platform is an integrated suite of data-centric security products and solutions that unify data discovery, protection and control in one platform.
Simplify Data Security. Discover, protect, and control sensitive data anywhere with next-generation unified data protection.
The CipherTrust Data Security Platform simplifies data security administration with ‘single pane of glass’ centralized management console that equips organizations with powerful tools to discover and classify sensitive data, combat external threats, guard against insider abuse, and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. Organizations can easily uncover and close privacy gaps, prioritize protection, and make informed decisions about privacy and security mandates before a digital transformation implementation.
Accelerate Time to Compliance. Regulators and auditors require organizations to have control of regulated and sensitive data along with the reports to prove it. CipherTrust Data Security Platform capabilities, such as data discovery and classification, encryption, access control, audit logs, tokenization, and key management support ubiquitous data security and privacy requirements. These controls can be quickly added to new deployments or in response to evolving compliance requirements. The centralized and extensible nature of the platform enables new controls to be added quickly through the addition of licenses and scripted deployment of the needed connectors in response to new data protection requirements.
Secure Cloud Migration. The CipherTrust Data Security Platform offers advanced encryption and centralized key management solutions that enable organizations to safely store sensitive data in the cloud. The platform offers advanced multi-cloud Bring Your Own Encryption (BYOE) solutions to avoid cloud vendor encryption lock-in and ensure the data mobility to efficiently secure data across multiple cloud vendors with centralized, independent encryption key management. Organizations that cannot bring their own encryption can still follow industry best practices by managing keys externally using the CipherTrust Cloud Key Manager. The CipherTrust Cloud Key Manager supports Bring Your Own Key (BYOK) use-cases across multiple cloud infrastructures and SaaS applications. With the CipherTrust Data Security Platform, the strongest safeguards protect an enterprise’s sensitive data and applications in the cloud, helping the organization meet compliance requirements and gain greater control over data, wherever it is created, used, or stored.
CipherTrust Manager is the central management point for the platform. It is an industry-leading enterprise key management solution that enables organizations to centrally manage encryption keys, provide granular access controls and configure security policies. CipherTrust Manager manages key lifecycle tasks including generation, rotation, destruction, import and export, provides rolebased access control to keys and policies, supports robust auditing and reporting, and offers development- and management-friendly REST APIs. CipherTrust Manager is available in physical and virtual form-factors that are FIPS 140-2 compliant up to level 3. The CipherTrust Manager can also be rooted to a hardware security module (HSM) such as Thales Luna and Luna Cloud HSM or Thales TCT’s T-Series HSM.
CipherTrust Data Discovery and Classification
CipherTrust Data Discovery and Classification locates regulated data, both structured and unstructured, across the cloud, big data, and traditional data stores. A single pane of glass delivers understanding
of sensitive data and its risks, enabling better decisions about closing security gaps, compliance violations and prioritizing remediation.
The solution provides a streamlined workflow all the way from policy configuration, discovery, and classification, to risk analysis and reporting, helping to eliminate security blind spots and complexities.
CipherTrust Transparent Encryption
CipherTrust Transparent Encryption delivers data-at-rest encryption, privileged user access controls and detailed data access audit logging. Agents protect data in files, volumes and databases on Windows, AIX and Linux OS’s across physical and virtual servers in cloud and big data environments. The Live Data Transformation extension is available for CipherTrust Transparent Encryption, providing zero-downtime encryption and data rekeying. In addition, security intelligence logs and reports streamline compliance reporting and speed up threat detection using leading security information and event management (SIEM) systems.
CipherTrust Application Data Protection
CipherTrust Application Data Protection delivers crypto functions such as key management, signing, hashing and encryption services through APIs, so that developers can easily secure data at the application server or big data node. The solution comes with supported sample code so that developers can move quickly to securing data processed in their applications. CipherTrust Application Data Protection accelerates development of customized data security solutions, while removing the complexity of key management from developer responsibility and control. In addition, it enforces strong separation of duties through key management policies that are managed only by security operations.
CipherTrust Tokenization is offered both vaulted and vaultless and can help reduce the cost and complexity of complying with data security mandates such as PCI-DSS. Tokenization replaces sensitive data with a representative token, so that the sensitize data is kept separate and secure from the database and unauthorized users and systems. The vaultless offering includes policy-based dynamic data masking. Both offerings make it easy to add tokenization to applications.
CipherTrust Database Protection
CipherTrust Database Protection solutions integrate data encryption for sensitive fields in databases with secure, centralized key management and without the need to alter database applications. CipherTrust Database Protection solutions support Oracle, Microsoft SQL Server, IBM DB2 and Teradata databases.
CipherTrust Batch Data Transformation
Batch Data Transformation is a powerful tool that gives you high-performance static data masking as part of the CipherTrust Data Security Platform. It leverages the power of CipherTrust Application Data Protection and CipherTrust Tokenization to protect vast quantities of data quickly.
CipherTrust Key Management
CipherTrust Key Management delivers a robust, standards-based solutions for managing encryption keys across the enterprise.
It simplifies administrative challenges around encryption key management to ensure that keys are secure and always provisioned to authorized encryption services. CipherTrust Key Management solutions support a variety of use cases including:
CipherTrust Cloud Key Manager
Streamlines bring your own key (BYOK) management for Amazon Web Services, Microsoft Azure, Salesforce and IBM Cloud. The solution provides comprehensive cloud key lifecycle management and automation to enhance security team efficiency and simplify cloud key management
CipherTrust KMIP Server
centralizes management of KMIP clients, such as full disk encryption (FDE), big data, IBM DB2, tape archives, VMware vSphere and vSAN encryption, etc.
CipherTrust TDE Key Management
Supports a broad range of database solutions such as Oracle, Microsoft SQL, and Microsoft Always Encrypted.
CipherTrust Data Security Platform Solution Brief
Product overview with technical features and specifications.
CipherTrust Data Security Platform Data Sheet
Detailed product overview with technical features and specifications.
CipherTrust Data Security Platform Infographic
This infographic concentrates on data security complexity caused by multi-cloud adoption, evolving privacy regulations, as well as the risk of data breaches from external and internal threats.
The Key Pillars for Protecting Sensitive Data in Any Organization - White Paper
Traditionally organizations have focused IT security primarily on perimeter defense, building walls to block external threats from entering the network. However, with today’s proliferation of data, evolving global and regional privacy regulations, growth of cloud adoption, and...
Top 10 Reasons for Protecting Your Organization With CipherTrust Data Security Platform
Thales has pushed the innovation envelope with the new CipherTrust Data Security Platform that unifies data discovery, classification, and data protection. It enables organizations to remove data security complexity, accelerate time to compliance, and secure cloud migrations....
CipherTrust Data Security Platform – White Paper
To meet the scale of current and future data security threats, evolving global and regional privacy regulations, and cloud adoption brought on by remote working, organizations need an easier and unified approach to discover, protect and control their sensitive data...
The Importance of KMIP Standard for Centralized Key Management White Paper
This white paper offers a look at the KMIP standard, and it shows how Thales solutions help you maximize the advantages of this standard.
Key Management White Paper
This white paper looks back at the evolution of encryption and key management systems, and examines the key challenges faced by IT teams around encryption systems, including regulation and compliance, complexity, lack of proper management tools. This is followed by a review of the recent industry initiatives and compliance regulations that are shaping the future of key management.
Prevent Ransomware Attacks from Disrupting Your Agency with CipherTrust Data Security Platform White Paper
This white paper helps you understand the anatomy of ransomware attacks and explores the solutions available in the market today to defend against such attacks. It illustrates how security policies in CipherTrust Transparent Encryption from Thales enable you to prevent rogue processes and unauthorized users from encrypting your most sensitive data and thereby protects you from ransomware attacks.
NIST 800-57 Recommendations for Key Management Requirements Analysis - White Paper
The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-57, Recommendations for Key Management Part 1 (Rev 5) provides guidance for cryptographic key management for U.S. Federal Government agencies. Part 1 of the publication outlines best practices for the management of cryptographic keys and discusses key management issues that must be addressed with using cryptography.
Introduction to Thales' CipherTrust Enterprise Key Management Solutions
On Demand Webinar: The Key Pillars for Protecting Sensitive Data
During this webinar, attendees learned how to develop a three-point strategy for protecting sensitive data in their organization.