Amazon databases including RDS, EBS, SimpleDB, and S3
Any JDBC-compliant database
At A Glance
How it Works
CipherCloud for Amazon Web Services allows you to benefit from the cost savings and elasticity of cloud-based data storage, while assuring that sensitive information is protected. CipherCloud can inspect content going to and from Amazon databases and apply appropriate security policies, while maintaining the usability of the data. Any database fields can be seamlessly encrypted or decrypted, while preserving database format and key operations such as searching and sorting.
CipherCloud supports a wide array of encryption options that can be applied on a field-by-field basis, letting you maximize security, while maintaining the format and function of the data. With AES 256-bit encryption, and robust key management, CipherCloud assures that no third-parties or unauthorized database administrators can access protected data.
The solution can be easily integrated with other cloud applications, such as Salesforce, to offload file storage, avoiding storage limits and dramatically reducing costs. For example, structured data (such as names, phone numbers, and account numbers) can be stored in Salesforce, while supporting files and attachments can be redirected to AWS. This is completely transparent to end-users who see no change in application behavior—all their data and files appear to be stored in Salesforce. CipherCloud seamlessly encrypts all files and forwards them to AWS for storage, while sending a pointer to the file into Salesforce. All structured data continues to remain stored in Salesforce.
Seamless Integration with Amazon Databases
CipherCloud protects data stored in Amazon RDS, EBS, SimpleDB, or S3. CipherCloud can also integrate with any JDBC-compliant database running on Amazon infrastructure.
Secure Cloud Mashups
CipherCloud lets you offload expensive storage of files and attachments from applications like Salesforce to cost-effective AWS databases, while maintaining strong encryption. The solution is transparent to end-users, with pointer links in Salesforce automatically accessing files stored in Amazon.
Granular Field-Level Protection
Security can be applied on a granular per-field or per-word basis. Multiple security options let you precisely set the level of security and search-ability for each data type, supporting both structured and unstructured data.
AES 256-Bit Encryption
CipherCloud uses standards-based AES 256-bit encryption, which is FIPS-compliant and has been extensively reviewed and tested by many independent organizations. This military-grade standard has been deployed for secure government and civilian applications globally.
Wide Range of Encryption Options
Specialized encryption options support dates, phone numbers, decimal numbers, timestamps, email addresses, or structured number strings such as credit cards or social security numbers.
Enterprise Key Management
The solution includes enterprise-grade key management in compliance with NIST SP 800-57 standards. Keys can be stored securely on the CipherCloud platform or separately on a KMIP-compliant server. Keys can be split between multiple custodians, rotated or expired without affecting legacy data.
Advanced Function Preservation
CipherCloud allows you to preserve the format of database fields as well as the length of encrypted data strings, avoiding the costs and complexity of modifying existing applications or databases. Advanced encryption methods also preserve business-critical functionality such as searching and sorting of encrypted fields.
The CipherCloud platform scales horizontally to meet increases in transaction volume and usage. Symmetric encryption along with a stateless, high-throughput architecture can meet the most demanding enterprise loads.
Multiple Deployment Options
The CipherCloud Server can be installed on a physical server or virtual machine behind your corporate firewall, or deployed in a virtual private cloud (such as Amazon Web Services).