cpl.thalesgroup.

com

Top 10 reasons CipherTrust

Transparent Encryption protects your
data, wherever it resides
The volume of data that your organization is using and storing has
likely grown significantly in the past year alone. Compliance with CipherTrust Transparent
Encryption
the numerous regional and global privacy laws and regulations is Allow/Block
Encrypt/Decrypt
getting more complex and challenging. Every day brings reports of CipherTrust Manager
new data breaches which damage reputations as well as bottom
lines. There are multiple options available for securing data. Finding
a seamless approach that avoids modification of your applications 110101001010010100101010
01010101010101010

to protect sensitive assets is critical, especially in cases where rapid 0101010010101010

deployment is important. Sensitive data discovery and automated

Big Data Containers Cloud Databases OS/File Systems
protection in a streamlined workflow is highly desirable.
Securing Sensitive Data-At-Rest Wherever It Resides
CipherTrust Transparent Encryption delivers data-at-rest
encryption with centralized key management, privileged user access File-level Privileged User Live Data Integration
Encryption Access Control Transformation to SIEM
control and detailed data access audit logging. This protects data
wherever it resides - on-premises, across multiple clouds and within big
data and container environments. The deployment is simple, scalable
with our data discovery and classification solution to enable integrated
and fast, with agents installed at operating file system or device layer
discovery and protection in a single step, delivering rapid compliance
- encryption and decryption is transparent to all applications that run
and reduced risk. To help you better understand the advantages of
above it. With CipherTrust Transparent Encryption you satisfy data
our offering, we have compiled a top 10 reasons for using CipherTrust
security compliance and best practice requirements with minimal
Transparent Encryption.
disruption, effort and cost. It can be configured to work seamlessly
Transparent operation Easy deployment
1 Operates seamlessly in the background 5 Avoids system downtime
Any data protection system needs to be easy to deploy and use, No one wants to take their systems offline for hours or days to
otherwise it will be an unwanted (and potentially costly) distraction secure their data.
for your organization.
CipherTrust Transparent Encryption utilizes agents for its
There are no application changes necessary to deploy and encrypt cryptographic operations. The agents are installed at the operating
data in files and folders with CipherTrust Transparent Encryption. It file system or device layer – this is a highly scalable and transparent
delivers fast, transparent file-level encryption for your data-at-rest. process, taking place in the background without impacting any of
Operating rapidly and seamlessly, the encryption or decryption your systems or applications, including their performance. Nothing
process is transparent to all your applications running above it. needs to be taken offline during the installation process. When you
Importantly, it does not derail any of your business processes, user are ready to start the encryption of your selected data, our zero
tasks or administration workflows. downtime data transformation capability is invaluable. Using the
Live Data Transformation option means that system downtime is
2 Secures data everywhere eliminated completely for the initial encryption operations, enabling
Your data will likely be in many formats and in various locations – your data to be secured, no matter its size, while your teams keep
securing only a section of your overall data footprint may not keep working as normal.
you safe from a data breach.
6 Covers all major platforms and operating systems
With CipherTrust Transparent Encryption you can encrypt your data, Ensuring that you are able to secure data across all the different
wherever it resides. It offers the ability to address a comprehensive platforms your organization is using is an important consideration
range of structured and unstructured data types with support for when selecting an encryption solution.
on-premises, cloud, big data and container environments – nothing
important is outside the scope of its protection capabilities. CipherTrust Transparent Encryption offers tight integration and
optimization for each particular operating system kernel. It delivers
enhanced performance, leveraging hardware-accelerated
Enhanced security encryption, by making use of the built-in encryption capabilities of
3 Mitigates ransomware attacks some of the latest CPUs from AMD, Intel and IBM. Bring Your Own
Ransomware is a vicious type of malware that cybercriminals use to Encryption (BYOE) is easy to adopt in conjunction with the solution.
block organizations like yours from accessing business critical files, It has support for all major platforms and operating systems together
databases, or entire computer systems, until you, the victim, pay a with some of the latest cloud approaches including Amazon S3
ransom. It is a form of cyber extortion. buckets and Azure Disk and File Storage. A range of extensions
to the CipherTrust Transparent Encryption connector (including Live
Access policies can be defined to create a whitelist of “trusted” Data Transformation, SAP HANA, Efficient Storage and Teradata
applications to prevent any untrusted binaries (e.g. ransomware) from Protection) provides optimized encryption support for specific
accessing data stores protected by CipherTrust Transparent Encryption platforms and configurations that you may already be using or
and to prevent privileged users from accessing user data in files and considering.
databases. These access policies enable you to block any rogue
binaries from encrypting files/databases/devices, even if the intruder 7 Incorporates both internal and external keys
has execute permissions for that binary and read/write permissions to Sometimes you need to use cryptographic keys that already exist
the target file that contains business critical data. CipherTrust Transparent from other systems or which are provided by a third party. If your
Encryption can stop privilege escalation attacks, by preventing chosen data encryption solution is inflexible, you may experience
administrators from reading/writing to protected folders/files/devices. significant issues.
4 Protects against unauthorized data access We designed CipherTrust Transparent Encryption to be as flexible
Encrypting your data is not the end of the story – you need to be as possible – importantly we do not insist that all keys are created
able to provide access to authorized individuals to access and read by the CipherTrust platform. You have the ability to leverage
the data in question. keys that you (or a trusted third party) generated outside of the
CipherTrust Data Security Platform. The ability to import such keys
This is where the role-based access policies at the core of is an alternative to using keys generated by the platform. The
CipherTrust Transparent Encryption come into play. They enable end result is identical – you receive fast, transparent and secure
you to control who, what, where, when and how your data can be protection of your data.
accessed. Access controls are available for system level users and
groups as well as LDAP, Active Directory, Hadoop and Container
users and groups. It is easy to implement privileged user access
controls to enable administrators to work as usual, but protect
against users and groups that are potential threats to your data.
Rapid compliance CipherTrust Data Security Platform
8 Facilitates integrated discovery and protection CipherTrust Transparent Encryption is part of the CipherTrust Data
Failing to protect sensitive data rapidly after discovery could leave Security Platform. The CipherTrust platform unifies data discovery,
you vulnerable and not compliant with data privacy laws and classification, and data protection. It provides unprecedented granular
regulations. A mix and match of data discovery and protection tools access controls and centralized key management. This simplifies data
from different vendors adds complexity and often leads to much security operations, accelerates time to compliance, secures cloud
higher operating costs. migrations and reduces risk across your business.

The CipherTrust platform offers intelligent protection, which is a tight

DISCOVER
integration between CipherTrust Data Discovery and Classification and
CipherTrust Transparent Encryption – enabling you to discover and then
protect data automatically in a single step with no manual intervention.
This platform feature which utilizes CipherTrust Manager to configure ata Sec
plify D
Discovery & Data-at-rest
urit
and manage both the discovery and protection connectors is known as Classification Sim y Encryption
CipherTrust Intelligent Protection - a proven solution to protect your data
and reduce your risk.

FIP
e
ieve Complianc
9 Simplifies compliance reporting

PROTECT
S 14
MONITOR
Proving your handling of data complies with the various laws and

0-2 Validat
regulations can be an onerous task, especially if you are still adopting a CipherTrust
manual, ad-hoc approach. Manager

Ach

ed
As you might expect, CipherTrust Transparent Encryption has a
range of capabilities which make your life easier when needing
to prove your data is in compliance. It supports the creation of Clo u
reports required by auditors as part of compliance regulations – d S e c u rit y
Key
you can export log files generated by the encryption solution to Management
Developer
APIs
a System Information and Event Management (SIEM) solution of
your choosing – we support standard formats for logging including CO N T R O L
syslog, Common Event Format (CEF) and Log Event Extended
Format (LEEF). All access and encryption attempts (successful or
failed) are logged, enabling you to present the complete picture to
both the internal and external auditors as required. About Thales
10 Underpins business continuity The people you rely on to protect your privacy rely on Thales to
Any encryption solution that interferes in a detrimental manner with protect their data. When it comes to data security, organizations are
the day-to-day operations of a business is unlikely to experience faced with an increasing number of decisive moments. Whether the
significant adoption. moment is building an encryption strategy, moving to the cloud, or
meeting compliance mandates, you can rely on Thales to secure
You can be assured that the deployment of CipherTrust Transparent your digital transformation.
Encryption will enable your business to function, uninterrupted.
For example, the solution can be configured to encrypt files while Decisive technology for decisive moments.
leaving the metadata in the clear. It supports business continuity
for administrators and system-level users without violating privacy
and security requirements – a wide range of access control
policy settings enables a granular approach to be implemented
to facilitate the specific needs of all your data users. The integrity,
security and availability of your data is assured by using our
solution.
 Contact us
For all office locations and contact information,
please visit cpl.thalesgroup.com/contact-us

> cpl.thalesgroup.com <

© Thales - November 2021• EHV3