eperi Data Protection for Databases is the answer to one of the most common forms of attack on databases: obtaining data via compromised administrator accounts. Database administrators are usually allowed to access and edit all data as well as the ones encrypted with the database’s own security methods. Because database administrators typically have access to the cryptographic keys used to protect the sensitive data, there is no guarantee that the information is entirely safe.
With eperi Data Protection for Databases, you create and manage the keys as well as de- and encrypt your sensitive data in a separate environment which is only accessible for privileged users: the eperi Gateway. Comprehensive data protection can only be achieved if you manage both the key management and the cryptographic operations separate from the database system you want to protect.
This allows database administrators to still manage data, optimize performance, perform database backups and regular maintenance as usual. They are however not able to use any of the encrypted data stored in the database tables because they lack the required cryptographic keys to decrypt information and to read it in plain text.