Chat
Request Info
Download
Overview HIPAA PCI DSS Algorithms FPE Hashing Key Management Tokenization

Challenges

 

Encryption is one the best ways to protect personally identifiable information (PII) and other sensitive data. However, it can be untargeted, costly, and cumbersome to implement or modify. And beyond application, algorithm and encryption-key-management decisions, there are considerations like authentication and tokenization, format preservation, and referential integrity.

Standalone, data-centric PII encryption solution addressing multiple database table and flat file formats (.txt, .csv, .sam, .dat, .xml, ldif, etc.) are few and far between. Most of the data masking solutions that can encrypt more than a single database are limited in source scope and functionality, or are very expensive otherwise.

Meanwhile, hardware-based encryption and appliances that protect entire networks, machines, databases, disks, or files are inefficient, and overkill. They restrict access to everything, while only sensitive fields need protecting. And if decryption occurs, everything is exposed at once.

Solutions

 

Software products in both the IRI Data Protector and IRI Data Manager suites nullify the effect of data breaches by protecting PII at the field level across multiple data sources. IRI FieldShield and IRI CoSort each include 3DES, AES, FIPS-compliant OpenSSL, and GPG encryption/decryption libraries.

They also provide a broad range of other static data masking (SDM) and dynamic data masking (DDM) functions and methods -- and allow your own -- as part of an overall data loss prevention (DLP) strategy.

Consider these benefits:

Flexibility Efficiency Security
Encrypt only the sensitive data. Leave remaining fields in the table or file alone and otherwise ready for operations.
Field encryption's incremental computing overhead is nominal; no resources are wasted protecting non-sensitive data.
Field-encryption keys and libraries can comply with your role-based access controls framework.
Use IRI's built-in field protection functions along with your own, simultaneously. Customize the mix of data protections based on the data and your business rules.
Apply protections in the same job (and I/O pass) with both data transformation and reporting. This is more efficient, and protects PII in new data sources.
An XML audit trail verifies who protected the data, when, where, and how. Remember, you must be able to prove compliance.
Use the same metadata for IRI RowGen to generate test data if you cannot access the real DB/file source(s).
Profile, remediate, validate, and manage data and jobs together in the same product and Eclipse IDE (IRI Workbench).
Encrypted data are independent of hardware, DBs, and file formats. Fields are secure until decryption.


Learn more about IRI's uniquely powerful field encryption capabilities for data protection and privacy law compliance:

Request More Information

* indicates a required field.
IRI does NOT share your information.