Crypto DB is the system of prevention of data leaks from following database management systems: Oracle, Microsoft SQL Server, Tibero и PostgreSQL. It allows you to encrypt database tables in accordance with GOST 28147-89 or GOST R 34.12-2015 (Russian national cryptography algorithms), as well as provides access to information only after authentication by JaCarta USB token or smart card.
The users that are not authorized in the system have no access to protected data (they can see just arbitrary symbol set instead of real data), while all action of authorized users are logging for audit.
Advanced role-based access model and embedded integrity control of Crypto DB libraries and DBMS and OS software modules prevent the compromising of confidential data by DBMS administrators.
Crypto DB provides enciphering the Oracle, Microsoft SQL Server, Tibero, and PostgreSQL database tables. It protects confidential data from outside and inside intruders (for instance DBMS administrators) while the data are processed or stored in a DBMS.
- Government authority departments, local governments, and organizations of various forms of ownership which working with confidential data and personal information.
- Public organizations that are a subject to national information security regulations.
- Commercial organizations that uses or plans to use the database system with critical information (such as personal information, financial information, client’s or business partner’s data, know-how, and others trade secrets) stealing, modifying or leakage of which can lead to tangible losses.
- Support of various DBMSs (Oracle, Microsoft SQL Server, Tibero and PostgreSQL).
- Full or selective encryption of information in database tables using robust cryptographic algorithms.
- Deferred encryption / decryption procedures can be performed without stopping the operation of a whole information system.
- Flexible management of encryption keys to create complex models of access to protected data.
- Two-factor authentication of users using USB tokens or smart cards;
- Advanced role-based access control with reliable separation of operations for system management.
- Protected communication between system components by SSL.
- Monitoring and auditing user actions.
- Embedded control the integrity of Crypto DB libraries, as well as DBMS and OS modules.
- Increasing the level of information security by encrypting databases and using authentication tools.
- Saving of computing resources due to selective encryption of columns of data tables.
- Avoid interception of traffic between components due to the use of strong encryption.
- Protection from DBMS administrators with advanced role-based access model.
- The Crypto DB deployment doesn’t require the modifying the business application.
- Intruder cannot recover disposed data after deleting encryption keys.
- Ensuring business continuity with the functions of a deferred encryption.
- Centralized management of service operations and settings through a single management console.
- Monitoring the actions of employees and administrators through a centralized monitoring and auditing system.
Complexity of Crypto DB deployment depends on several factor such as
- DBMS specialities,
- customer infrastructure specialities,
- customer requirements for business process continuity.
Therefore typical deployment takes approximately from 1 to 3 months and costs in the amount from 2 to 5 million roubles.
Translation of the user interface into a new language takes about 2-3 months and costs about 0.5 – 1 million roubles (depending on the complexity).
- Monitoring and control systems
- Information security software