Reduce Application-Layer Encryption Complexity and Costs

Streamlines the process of adding encryption into existing applications, delivering standards-based APIs that power high-performance cryptographic and key management operations

Vormetric Application Encryption

Vormetric Application Encryption delivers key management, signing, and encryption services enabling comprehensive protection of files, database fields, big data selections, or data in platform-as-a-service (PaaS) environments. The solution is FIPS 140-2 Level-1 certified, based on the PKCS#11 standard and fully documented with a range of practical, use-case based extensions to the standard. Vormetric Application Encryption eliminates the time, complexity, and risk of developing and implementing an in-house encryption and key management solution, with development options including a comprehensive, traditional software development kit for a wide range of languages and operating systems as well as a collection of RESTful APIs for the broadest platform support.

Vormetric Application Encryption
Streamline Encryption Implementations

Vormetric Application Encryption simplifies the process of adding key management and encryption to applications. Developers use RESTful API’s, Java, .NET, or C libraries to implement PKCS#11 standards-based solutions.

Secure Cloud and Big Data Environments

With the application encryption solution, you can encrypt specific fields at the application layer, securing sensitive data before it is stored in database, big data, or cloud environments.

Establish Strong Controls

With keys under your control, can have the power to stop compromised DBAs, cloud administrators, hackers, and authorities with subpoenas from gaining unauthorized access to valuable data.

Centralized Key and Policy Management

Vormetric Application Encryption enables centralized key management and control of application-layer encryption. Secure key generation and storage is provided by the Vormetric Data Security Manager. The solution simplifies the data security operations environment, reducing the number of management consoles that administrators have to learn and maintain.

Flexible Implementation Options

Vormetric Application Encryption is available using two programming options: via an installable software development kit (SDK) and run time environment, available for a wide range of operating systems and programming language bindings, and via RESTful API’s. Both options provide access to key management, encryption, signing and other classes of API’s as defined by PKCS#11.

Fine-Grained Authorization

Solution architectures utilizing RESTful API access to Vormetric Application Encryption gain access to fine-grained authorization for access and use of encryption keys.

Supported environments

RESTful API, Microsoft .NET 2.0 and higher, Java 7 and 8, C

Integration standard

OASIS PKCS#11

Encryption

AES, Format Preserving Encryption (FF1)

Operating systems

Linux, Windows 2008, 2012 and 2016

SDK performance

[SDK] 400,000 credit card size encryption transactions per second (e.g. single thread, 32 core, 16GB, C)

Policy and key administration

Vormetric Data Security Manager

Format Preserving Encryption character support

ASCII, Unicode

Certification

FIPS 140-2 Level 1

White Paper : Vormetric Application Encryption Architecture

Vormetric Application Encryption is typically employed when compliance or regulatory mandates require encryption of specific data or database fields at the application, before data is stored. Vormetric Application Encryption reduces the complexity and costs associated with meeting this requirement, simplifying the process of adding encryption capabilities to existing applications. Developers can use libraries for Java, .NET, Python, and C to facilitate communication between applications and the Vormetric Application Encryption library. This library encrypts data as either NIST approved AES-CBC or Format Preserving Encryption (FPE) and returns the resulting cipher text to the application. All policy and key management is done through the Data Security Manager (DSM). This architecture paper goes into detail of the security model, best practices, APIs, and offers a sample application encryption library.

Download

White Paper : Aberdeen Group Demystifies Data-at-Rest Encryption

By Derek E.Brink, CISSP, Vice President and Research Fellow, IT Security and IT GRC This report will provide you with explanations and actionable information that will help you secure your most crucial asset, your data.

Download

Video : Introduction to Vormetric Application Encryption

This video is a tutorial on the Vormetric Data Security Platform with a detailed look into the use cases for application-layer encryption and an overview of the Vormetric Application Encryption product.

Download
Watch our interactive demo Explore
Schedule a live demo Schedule
Get in contact with a specialist Contact us