Application-Level Encryption and Key Management Interface
As sophisticated threats emerge and the risk of data exposure grows, encryption is the critical last line of defense when other security measures fail. Application encryption has become essential as it protects data at the earliest stages of the information lifecycle which helps organizations minimize risk, strengthen security, and meet regulatory and compliance mandates.
Secure Sensitive Application Data Across its Lifecycle
SafeNet ProtectApp from Gemalto provides an interface for key management operations, as well as application-level encryption of sensitive data. The solution can protect both unstructured data types (e.g. Excel and PDF files) and structured data types (e.g. credit card numbers, social security numbers, national ID numbers, passwords). Encryption takes place as soon as data is generated or first processed, and it remains secure across its entire lifecycle no matter how many times it is transferred, backed up, or copied. The solution can be deployed in physical, virtual, and cloud infrastructures to keep data secure as it is migrated from one environment to another—without any modification to existing encryption policies or associated application code. SafeNet ProtectApp is available for sale to the U.S. Federal Government exclusively through SafeNet Assured Technologies.
SafeNet ProtectApp is deployed in tandem with KeySecure for Government, a FIPS 140-2 up to Level 3 enterprise key manager, for centralized key and policy management across multiple sites. The solution enables the implementation of granular access controls that separate administrative duties from data and encryption key access. For example, a policy can be applied to ensure that no single administrator can make a critical configuration change without additional approval.
SafeNet ProtectApp features built-in, automated key rotation and data re-keying, and can also perform a wide range of cryptographic operations including encryption, decryption, digital signing and verification, secure hash algorithms (SHA), and hash-based message authentication code (HMAC). The solution provides a single interface for logging, auditing, and reporting access to protected data and encryption keys.