One of the most valuable assets of your organization is the data stored on your systems. The structured data in business databases is the most valuable of all those assets. For decades we have been constructing and implementing technology to build better “walls and moats” designed to provide a security infrastructure around data to keep it safe. Firewalls, network segmentation, DMZs have all evolved as strategies to keep our data storage systems safe from attack.
This is not unlike the approach people used in medieval times to keep their treasure safe. And, just like the medieval times, someone always finds a way to breach the infrastructure intended to keep our treasured data safe such as building temporary bridges to get over the moat and taller ladders to get over walls, digging tunnels to go underneath the walls, or just using someone inside to let them in. This is just like the ransomware, trojan horse (ironically), and malware culprits of today. So what is the best way to keep your most important data safe when there will always be a way around your security?
The answer is quite simple – you just need to make your data unusable all the time, except only to those who need it and only when they need it. Imagine in medieval times if the thieves arrived at the room that housed all the valuables and found nothing but a pile of rocks and no valuable treasures. All of their efforts to get over moats and walls or to persuade insiders would be for nothing. What if this process of keeping your confidential and regulated data was fast, efficient, audited, and managed in a way that all the existing applications could easily make use it? That is how OnData protects your data.
Using a patent pending process, OnData can encrypt all of your confidential and regulated data in databases and only make it available to the people who have the right permissions to see it and only when they should see it. While most database engines allow encryption of the data at rest, that is not secure enough because once the database system is breached, the confidential and regulated data inside the database could still be accessed in the clear via the database engine. With OnData’s technology, your confidential and regulated data is not only encrypted at rest and in transit, but also at runtime, even when processed by database engines or used by applications. The only time confidential and regulated data is unencrypted is when it is accessed by an authorized user. This technique can be used for all types of confidential and regulated data or anything else that an organization may want to keep secure and compliant with data security standards.
There are many reasons to have good policy and security in place for your critical networks. But the best way to keep your valuable confidential and regulated data safe is to make sure no one has access to it, in any way, until it is needed by an authorized user. OnData’s patent pending Runtime Encryption technology provides a cost effective and efficient tool to protect your confidential and regulated data.