Database Encryption

Reliable protection for your data

The eperi Gateway for Databases encrypts the data in databases and protects database contents against unauthorized access and modification. Here the data itself is encrypted and stored in the database afterwards – even access using administration interfaces is made impossible. The data itself – stored in the database – is encrypted, not only the database files.

The encryption is done rule- and content-based on table- and column level. Because of selectively encrypting individual columns the performance can be significantly increased.

Two things remain with you always – the keys and the decision who gains access to which data. The eperi Gateway for Databases administrates all required keys outside the database in the secure Gateway environment. Here the cryptographic operations are done – completely out of reach of database or system administrators.

Security administrators allocate the respective authorizations for users and database administrators. Even the database administrator has no access to the unencrypted data.

As the eperi Gateway for Databases is run in an independent environment, it is database independent and flexibly scalable.

The eperi Gateway in comparison

Difference between conventional encryption and encryption with the eperi Gateway


The functionality of the eperi Gateway for Databases
  • Simple

    When using the eperi solution you don’t have to modify or edit your IT infrastructure. Also existing database structures remain unchanged for the application. You do not lose any manufacturer guarantees.

    Our solution for database encryption works as transparent proxy or with standardized technologies like Trigger, Views as well as with a Stored Procedures, to connect with the eperi Gateway. Configuration takes less than 60 minutes and the ensuing operation runs completely user independent.

  • Fast

    The eperi Gateway for Databases provides a very advanced performance optimization. Using selective methods results in encrypting only the important data of a database. Additionally, our intelligent Caching enables decrypting frequently requested terms before the application has even asked for them. As our index technology allows a quick search also for encrypted data, database inquiries can be processed efficiently still.

  • Seamless Integration

    When using the eperi Gateway for Databases  all databases, applications, systems or tools remain unchanged. All administration processes are done as before – but with encrypted data. Neither users nor administrators do have to change their workflows. This grants maximum acceptance at implementing the eperi security solution. Database backups may easily be stored into the existing infrastructure – all sensitive data is protected – anytime, anywhere.

A Seamless Data Security Layer for MariaDB

The eperi Gateway is a flexible software based solution that can be deployed in a number of scenarios. Configured with the MariaDB Database Plug-in, the eperi Gateway allows enterprises to protect sensitive data and prevent unauthorised access to sensitive data within the database. Not even system administrators have access to the sensitive data. The concept of separating the encryption service and key management via the eperi Gateway to the MariaDB database itself allows enterprises to meet complex data compliance and data security needs. These data compliance and data security needs are becoming commonplace as next generation IT architectures and services separate the application and databases to distributed architectures and managed IT services. The eperi Gateway with its Plug-in for MariaDB acts as a seamless information security layer, ensuring that enterprise users and application accessing the MariaDB database can meet corporate defined data compliance and security policies leveraging AES-256 encryption protection methods.

The eperi Gateway Plug-in for MariaDB has out-of-the-box built-in support that enables it to provide enterprises with a multitude of data protection and key security features that cannot be addressed with the standard MariaDB Key Management Service (KMS) solutions. eperi is an authorised partner of MariaDB and offers a fully integrated and seamless data security solution.

The enterprise has full control of the encryption keys

The eperi Gateway Plug-in for MariaDB allows advanced key management and data encryption in MariaDB databases. Via the eperi Gateway and its MariaDB Plug-in, standard AES-256 encryption is leveraged which remains fully under the control of the designated Key Administrator within the enterprise.  At no point do unauthorised users such as system administrators have access to the keys or sensitive data, ensuring that the toughest data compliance can be met. The eperi Gateway can also be configured to work with HSM encryption and other key management systems.

Benefits of the eperi Gateway Plug-in for MariaDB

  • Native Mode Encryption Protects Data at Rest

  • External Key Management Server for MariaDB

  • Fully Integrated and Supported by MariaDB

  • Strongest Cryptographic and HSM Support

  • Cryptographic Key Rotation

  • Comfortable GUI for Configuration

  • Flexible Installation On-Premise or in the Cloud

  • Meet Strictest Compliance, Legal and Privacy Requirements