Home » Solutions » Field Protection » FPE
Format-Preserving Encryption  
» Solutions
Business Intelligence
Data Governance
Data Transformation
ETL/DB Acceleration
Field Protection
Encryption/Decryption
Filtering/Redaction
Anonymization
Data Masking
De/Re-Identification
Pseudonymization
File Interchange
Sort Migration
Test Data/Files
» Resources
case studies Case Studies
white papers White Papers
make text smaller make text larger print this pageemail this page
Encrypt PII and Retain its Original Fomat

Challenges:

Because companies must store and transmit sensitive data, there is a risk of data being stolen or mishandled. Many information security professionals are employing encryption technologies that lock down entire networks, databases, disks, or files - which is inefficient and not necessary more secure. Database-specific column encryption may also be used, but it too is limited to a single platform and often cumbersome to implement, and encryption often renders secured field output unreadable.

There are few technologies providing a choice of encryption algorithms and other data-securing techniques that follow business rules for specific data elements (fields). And when these tools encrypt, the resulting ciphertext maybe be unsightly, and cannot be used for anything other than decryption. Therefore, another goal is to retain the original format of the data in its protected state -- so that it can appear real, preserve referential integrity checks, and be used for testing. For example, how do you encrypt just a 16-digit credit card number (in plain text) such that the result (in cyphertext) is another 16-digit number in the same format?

Solutions:

To address these challenges, IRI has developed features specifically aimed at protecting Personally-Identifying Information (PII) within files and databases, and retaining the format of that data at the same time. By combining AES-256 and advanced Format-Preserving Encryption (FPE) technologies, IRI makes it possible to apply field-level encryption to database tables and flat-file fields without format alterations.

FPE has emerged as a useful method in cryptography, the goal of which is encrypt plaintext “X”, into a ciphertext “Y” in the same format as “X”. The result: a strong encryption design allowing for encryption with minimal changes.

IRI's FieldShield package and the CoSort product's SortCL tool, you can use FPE to:

  • Keep and preserve original data formats
  • Maintain referential integrity
  • Eliminate the need for multiple masking and lookup tables
  • Eliminate format changes, database, or application schema
  • Encrypt primary and foreign keys
  • Provide reversible and non-reversible data masking

IRI's FPE implementations also support all common data types, including ASCII, numeric, native double-byte, Unicode, and others.

See also:

FAQ > Data Privacy

Solutions > Field Protection
     Solutions > Field Protection > Encryption/Decryption
     Solutions > Field Protection > Superior Algorithms
     Solutions > Field Protection > Best Practices
Solutions > Data Governance > Privacy Protection
Solutions > Data Governance > Verifying Compliance
Solutions > Safe Test Data

Products > FieldShield
Products > CoSort > SortCL

Customers > Industry Roles > Compliance Officer

Would you like to see an example of field encryption of social security numbers in a file? Request the IRI white paper called "Making Data Safe for Compliance and Outsourcing."

Would you like to see the unique benefits of IRI's approach to field encryption? Click here.

Request More Info:

* IRI WILL NOT share this info