• Key Management

    How to protect your data with eperi

Whoever has access to your keys also has access to your data

Good key management can be reduced to one simple sentence: Anyone who has access to your cryptographic keys has access to all data that were encrypted with them. In the era of cloud computing this means: if the database and key management are not separated, or if the key management is not in your hands, then this is a potential security gap.

If you want to encrypt your sensitive data, software vendors often offer directly integrated solutions. However, if your goal is to maintain sole control over your data, eperi offers specialized solutions suitable for your application or database.

Key management outside the database to be protected

At eperi, all cryptographic operations as well as the entire authorization and key management take place in the secure environment of the eperi Gateway – outside the applications, databases and IT systems to be protected. The Open Source basis of the solution allows every user to see if the encryption has been implemented correctly. This means complete transparency for your security. IT administrators can work in the same way as before, but now with encrypted data only.

eperi maintains manufacturer guarantees and creates investment security

eperi solutions offer full key management and require no adaptation or modification of existing applications, databases, interfaces or DLLs. This way, the guarantees of the respective manufacturers are maintained and investment safety is sustainably guaranteed.

Consistent rights separation and maximum security

The eperi Gateway is a security system that is administered independently of databases and applications to be protected and therefore contains a strict separation of responsibilities (“separation of duties”). Only the security administrator in your organization has access to the cryptographic keys. He determines which users can read sensitive data in plain text but has no access to the encrypted information himself. In short: the security administrator assigns the rights but does not see any data himself.

Database administrators, on the other hand, see encrypted data but have no access to the cryptographic keys. They can thus carry out their administrative tasks unchanged without having access to sensitive information. This applies to internal administrators as well as external service providers. This gives you full control over your data.

Do you have any questions or would you like to arrange a live demo of an eperi Cloud Data Protection solution?