Randtronics

Randtronics DPM easyCipher

  • Home
  • Randtronics DPM easyCipher

No-code TDE protecting databases, files stores and laptops

Transparent Data Encryption

Randronics DPM easyCipher providers Transparent Data Encryption (TDE) lock-box protection to files, folders and databases. Protection is ‘transparent’ as contents are automatically decrypted for authorized users. Like a lock-box, TDE protected objects are either locked or unlocked.

DPM easyCipher is centrally managed, policy-based encryption management solution that allows an organization to standardize its encryption protection by defining and managing encryption policies and applying these policies to any server or laptop where a DPM easyCipher agent has been installed.

DPM easyCipher protects all files and folders on servers or laptops. Server environments protected by DPM easyCipher include database servers, web/app servers and file servers.

When installed on database servers, DPM easyCipher can either extend or replace database-native TDE (i.e. TDE solutions provided by database vendors to secure their own DB products):

  • Customers already using database-native TDE protection, use easyCipher to protect information residing outside of the database;
  • Customers with databases that lack database-native TDE protection simply use easyCipher to protect all files including multi-vendor databases.

TDE, protecting structured data and more…

DPM easyCipher makes it quick and easy to implement encryption right across your organization:

  • TDE protection for entire server contents. All database types, editions and versions of MS SQL Server, Oracle, MySQL, Postgres, Maria, etc. supported;
  • Like database-native TDE, easyCipher protects structured data within databases from unauthorized access;
  • Unlike database-native TDE,
    • protection also covers DB log files, copies of SQL queries and other materials that may contain echos and traces of the sensitive data contained within the database,
    • copies of sensitive data residing on web/app servers, file servers or laptops are also protected wherever DPM easyCipher agents are deployed,
    • responsibility for encryption management is centralized and out of the hands of DBA teams;
  • DPM easyCipher generates and manages encryption keys for all DPM easyCipher agents under its control;
  • DPM easyCipher protects the whole database environment providing additional protection in the event of a compromised DBA or System Admin account.
Randtronics DPM provides fine-grained data protection. Only users specifically granted access are able to see sensitive data

More Information

DPM easyKey manages all encryption keys and digital certificates.
  • Key Administrators access DPM easyKey via its web browser-based interface.
  • KMIP 1.1 compliant, RESTful API provides encryption key services to client applications.
  • Encryption keys are either generated and protected internally on the DPM easyKey, or an HSM if optionally installed.
  • Integrates with HSM clusters or cloudHSM for hardware key generation
  • Provides no-code integration, key management services for DPM easyCipher and DPM easyData
  • Supports all symmetric and asymmetric keys
  • Access Control for users and clients
  • Dual Control: can be configured to require that 2 people log on to activate, thus providing dual control for significant operations.
  • High-level key assurance via hardware to FIPS 140-3 Level 3/4 and Common Criteria EAL4+/5+. Support for multivendor HSMs from Germany, France, USA, Switzerland or BYO crypto.
  • Separation of Duties – isolate key management responsibility in compliance with best practice recommendations.
  • Enforcement of TLS or SSL connection for key distribution
  • Audit logging of all key management and usage activities
Supported backend databases:
    • Microsoft SQL Server 2019 and up
    • Oracle MySQL 8.0
    • Maria
Supported environments:
    • Windows Server 2019 and up
    • RedHat Linux, CentOS, Oracle Linux, Ubuntu
Supported client interfaces:
    • File encryption key connectors for Windows and Linux based file servers and Laptops
    • APIs using RESTful, SOAP, web services
    • Database connector for databases MS SQL Server and Oracle
    • Multi-vendor HSMs and Microsoft Azure key vault
    • KMIP supported enterprise key manager

Utimaco Security Server case study : click here

Fortanix SDKMS case study : click here

nCipher HSM case study : click here

Securosys HSM case study : click here

Engage Black HSM case study : click here

Entrust nShield HSM case study  : click here

Randtronics DPM suite datasheet : click here

To request a demonstration, please email  enquiry@randtronics.com