Solution Brief

10 Reasons
to Choose
CipherTrust Data
Security Platform

cpl.thalesgroup.com
Building a future we can all trust
From tackling advanced new cyberthreats to ensuring data sovereignty and compliance, organizations are under
pressure to manage an increasingly complex and disparate security landscape. Unifying data discovery, protection
and control on a single, next-generation platform, CipherTrust Data Security Platform gives you complete control.

1. Comprehensive Data Protection 5. FIPS 140-2 Validated HSMs and Connectors

CipherTrust Data Security Platform supports a broad set of data Designed to meet the strictest compliance requirements, many of
protection use-cases. It’s a single control point for the entire data the data protection connectors are FIPS validated. The CipherTust
security lifecycle and include centralized key management, data Manager physical appliance is equipped with an embedded FIPS
encryption, live data transformation, tokenization and dynamic data 140-2 Level 3 HSM for a secure internal root of trust. Other options
masking, role-based access and security intelligence. include virtual and physical appliances to use an external HSM as
a root of trust. For example, supported HSMs are Luna Network
2. Integrated Data Discovery and Classification HSM, Luna Cloud HSM on Data Protection on Demand and AWS
CloudHSM.
Data discovery and classification delivers complete visibility
to protect your sensitive data wherever it resides – across
on-premises, big data and cloud environments. Understand 6. Multi-Cloud Key Management
your business risks and automate remediation using a variety CipherTrust Cloud Key Management (CCKM) increases efficiency
of CipherTrust data protection connectors. by reducing the operational burden—even when all of the cloud
keys are native keys. Giving customers lifecycle control, centralized
3. Support for Broadest Deployment Environments management within and among clouds, and visibility of cloud
encryption keys reduces key management complexity and operational
Protect structured and unstructured data-at-rest across your
costs. CCKM supports:
organization – in files, volumes, databases and applications on
Windows, AIX and Linux OS’s, across physical/virtual servers and in • Multiple clouds – AWS, Azure, Google Cloud,
containers, cloud and big data environments. Oracle, Salesforce and SAP.
• Native cloud key management – amplifies the benefits of native
4. Simple, Centralized Management
keys with outstanding UI that includes a single pane of glass view
Manage your entire data security and streamline connector across multiple accounts, regions, subscriptions and projects. Does
administration with self-service licensing – all from one UI on a single not require customer to set up separate CCKM instances.
console. Set up policies and integrate syslog/SNMP alerts with your
• Increased customer control – Bring Your Own Key (BYOK) and
existing workflows and security information and event management
Hold Your Own Key (HYOK) are supported across multiple cloud
(SIEM) systems with ease.
infrastructures and SaaS applications.
• Metadata is collected and laid out in the same order
for every cloud provider, removing the need to look for data
in disparate places.
7. DevSecOps-Friendly 10. Unparalleled Partner Ecosystem
DevSecOps teams can now transparently protect sensitive data Through standard APIs, the CipherTrust Data Security Platform offers an
in cloud applications and file stores without modifying legacy or extensive set of partner integrations with leading enterprise storage,
cloud-native applications. See CipherTrust Data Protection Gateway server, database and SaaS vendors including Netapp, DellEMC,
and CipherTrust Transparent Encryption for Kubernetes. To simplify VMware, Microsoft, IBM, Oracle TDE, Teradata, ServiceNow, AWS,
deployment of applications integrated with key management Azure, and Google Cloud.
capabilities and automate development and testing of administrative
functions, CipherTrust Manager (CM) offers REST interfaces, in
addition to KMIP and NAE-XML APIs. CM also has its own REST API Complete Control, Seamless Protection
Playground that allows customers to experiment with administration, Whether you’re building your encryption strategy, meeting compliance
key management, user management, and crypto operations. mandates or moving to the cloud, CipherTrust brings everything
together in a single, powerful, next-generation platform.
8. Flexible Deployment Choices
Deploy as a physical or virtual appliance with hybrid clustering
for high-availability environments to ensure optimum processing
About Thales
regardless of the workload location (data center or cloud). CipherTrust Today’s businesses and governments depend on the cloud, data
Manager also provides multi-tenancy and separation of duty and software to deliver trusted digital services. That is why the
capabilities required to support large enterprise environments. most recognized brands and organizations around the world, rely
on Thales to help them protect sensitive information and software
9. Accelerate Time to Compliance wherever it is created, stored or accessed – from the cloud and data
centers to devices and across networks. As the global leader in data
From data discovery and classification to encryption, access control, security, identity & access management, and software licensing, our
audit logs, tokenization, and key management, CipherTrust delivers the solutions enable organizations to move to the cloud securely, achieve
capabilities to assure compliance – with Payment Card Industry Data compliance with confidence, create more value from their software
Security Standard (PCI DSS), General Data Protection Regulation and deliver seamless digital experiences for millions of consumers
(GDPR), the Health Insurance Portability and Accountability Act every day.
(HIPAA), and other global/regional data protection and privacy
laws.

© Thales - December 2023 • RMv5

cpl.thalesgroup.com
Contact us – For all office locations and contact information, please visit cpl.thalesgroup.com/contact-us