Server General TDE is a data encryption service for databases and file servers deployed anywhere
Server General TDE is a data encryption service that makes it easy to set-up, maintain, manage and administer data-at-rest encryption of your sensitive information stored in a database or file server deployed anywhere - public, private or a hybrid cloud.
Developed by encryption experts, the service will allow you to offload your data encryption and key management responsibilities to proven experts while taking a concrete step towards achieving regulatory compliance with HIPAA/HITECH, PCI DSS mandates, GDPR, FISMA, GLBA, SOX and FERPA.
Server General TDE has been certified to protect data stored in a MySQL, PostgreSQL, MongoDB, CouchDB or File server. The service includes a full-featured key management system that provides key generation, storage, rotation and revocation. It usually takes less than 30 minutes to install and configure our service. The service is geared towards small-to-medium-sized businesses who want to cut their data security and compliance costs.
Server General TDE is a data encryption service that enables customers to encrypt their application data stored in a Linux server located on a public, private or hybrid cloud. The encryption process does not alter the end-user’s experience. Data can be selectively encrypted based on sensitivity of the information with different types of ciphers.
Server General TDE uses eCryptFS, a standard utility available within the mainstream Linux kernel to encrypt data. eCryptFS is based on a stackable file system that was developed by our CTO, Dr. Erez Zadok.
Server General TDE data security service is a battle-hardened solution. Some of the tier-1 merchants and many leading brands rely on our Server General TDE to protect their critical data on a daily basis.
Managing and securing customer and employee data is a growing concern of all Information Technology departments, especially when operating in the cloud. Organizations try hard to comply with regulations and industry mandates, but the effort necessary often exceeds the capability of small IT groups. Server General TDE being a service allows such organizations to focus on their business while helping them to encrypt their data and manage their encryption keys in a compliant manner. It generally takes less than 30 minutes to install and configure our service.
Server General TDE uses the AES encryption algorithm to encrypt data. This is the same algorithm that is used by the U.S. Military to secure their own secrets. The service is designed to transparently encrypt each and every sensitive file with a unique and completely random key. The target server can be hosted on a public, private or hybrid cloud.
Low encryption overhead (typically less than 2%) that results in no material degradation in performance of a database server like MySQL (or any other application server).
Access to the protected data sets is controlled via advanced access control mechanisms that prevents the root user from accessing the sensitive data sets.
All privileged operations conducted by the Server General administrators are logged within and outside of the administrative domains of our customers. This provides non-repudiation.
Many solutions cling to old security concepts that result in misplaced trust in the system administrator. This completely defies the application’s access control logic as intended by the application vendor thereby exposing the application data to a whole host of attacks. Server General TDE on the other hand segregates management responsibilities based on roles in order to safeguard data.
The service provides an option to store the encryption keys on-premises in a secure appliance or within our secure cloud key locker infrastructure. No matter where the encryption keys are stored the customer remains in full and absolute control of their own encryption keys at all times.
Server General TDE provides robust key management functionality. Different data sets can be encrypted using different encryption keys on a single Linux machine. Data owners are able to rotate their encryption keys to fulfill regulatory compliance requirements. The service provides key generation, key storage, key rotation and key revocation capabilities.
No additional infrastructure required. Server General software is installed on existing servers.
Server General TDE will help you to comply with the HIPAA/HITECH Act. You will be able to transparently encrypt and control access to your ePHI stored in a MySQL, PostgreSQL, MongoDB, CouchDB or a file server.
Businesses rely on Server General TDE to meet PCI DSS mandates 3, 7 and 10. Our customers include tier-1 merchants as well as small businesses. We have gained experience over the years and designed our solution in a manner that makes it easy for you to comply with the PCI DSS mandates.
California’s SB 1386 was signed into law on September 25, 2002 and became effective on July 1, 2003. The legislation mandates that entities doing business with residents of the state of California must safeguard their employee and customer information – and upon discovery of any breach or suspected breach, must report the breach to any individual that may have been affected. The relevant entities are any state agencies, non-profit organizations, persons, or businesses that conduct business in California that own or license computerized data such as credit card transactions, magazine subscriptions, telephone numbers, real estate records, automobile registrations, consumer surveys, warranty registrations, credit reports, etc. It’s important to note that the legislation is not limited to companies domiciled in California; rather its coverage encompasses companies whose customers reside in California. However, the legislation provides a safe harbor provision when the breached information is encrypted. Many other US states have also patterned their breach notification laws after California’s SB 1386. Server General TDE can help businesses gain protection under the safe harbor provision by transparently encrypting in-scope data.
The European Union’s General Data Protection Regulation (GDPR) will become effective as of May 25, 2018. Just like California’s SB 1386 data breach notification legislation, GDPR stipulates that any entity that handles EU citizen’s data must provide notification of a successful breach. The law requires the entity to prove that it had put all the right measures in place to protect the personal information of EU citizens. Server General TDE can be used not only to encrypt data-at-rest but to also control access, manage keys and for generating immutable log files.