Data Encryption

Hyve offer the following data encryption.

• Database Encryption
• Database Backup Encryption
• File Encryption

Transparent Database Encryption

Clearly defined security policies

Define what information needs to be protected, who has access to this information, when and how it should be accessed, and from what machines and/or applications it can be accessed. This includes the capability to restrict view access of sensitive data from both security and database administrators.

Encryption key management

This provides the capability to centralise all key management tasks on a single platform. It effectively automates key management administration, including an automated and secure mechanism for key rotation, replication and backup.

Monitor and report on policy

Tamper-proof auditing tracks all authorised and unauthorised attempts to access protected data as well as any changes to security policies. It even tracks activities of the database administrator (DBA) with respect to sensitive data, and provides a complete audit report of all these activities. All log records are encrypted and protected.

Features:

• Data protection through selective & highly secure, column-level encryption
• Strong key management centralises all key management tasks
• Separation of duties between security administration & database administration
• Robust audit & reporting to provide insight & integrity
• Application transparency designed to be implemented with no changes to existing applications
• High performance, scalability and easy deployment
• Support for all major relational databases: including Oracle, Microsoft SQL Server and IBM DB2. Available on industry standard UNIX or Windows environments, as well as IBM iSeries and zSeries environments

Database Backup Encryption

Native SQL Server backups are essentially a dump of data stored in SQL Server files. This is an inefficient and insecure way of storing backup data, as it is stored unencrypted, unprotected, and uncompressed.

Creating compressed and encrypted backups of your SQL Server databases, allows you to make smaller, safer, faster database backups. Encrypting the backup file means that only people with the designated password can access that backup file, making it much less vulnerable.

SQL Backup runs on the server hosting your SQL Server databases and uses the SQL Server Virtual Device Interface (VDI). It will compress and encrypt data as it is being backed up. SQL Backup uses 256-bit AES (Rijndael) encryption to secure your backup files from unauthorised access.

Specific features include:

• Up to three levels of compression, with a compression analyser facility, so you know best whether to optimise for speed or for size
• 256-bit encryption to ensure your backups are secure
• User-friendly GUI to guide you through the backup and restore processes, as well as setting up scheduled jobs and log shipping
• Interactive Timeline Monitoring for easy visualisation and greater control over past, present, and future activities
• Command-line interface for users who want total control of SQL Backup
• Extended stored procedure interface, allowing you to run SQL Backup remotely via your favourite database connectivity tool
• Split backups, enabling you to take advantage of multi-CPU and high-speed disk array systems to speed up the backup and restore process even further
• Mirrored backups allow for creation of two or more backup files simultaneously to different disks, to minimise the probability of media errors
• Multiple threads in the SQL Backup engine to optimise backup performance
• Log shipping wizard, making log shipping easier
• Support for SQL Server 2012, 2014 & 2016

File Encryption

Standards Compliance

Encrypting your files supports industry best practices for hardening your critical data and protecting it against attack. It protects executables from infection by worms/viruses, encrypts sensitive information contained in log files, and secure databases by encrypting the underlying database files. Clients utilising this solution can encrypt pages, images, and scripts to protect web sites from the threat of defacement. Security Administrators may optionally group sensitive files into secure folders, freeing themselves from managing the individual files.

Support for Industry Best Practices

Encrypting your files supports industry best practices for hardening your critical data and protecting it against attack. It protects executables from infection by worms/viruses, encrypts sensitive information contained in log files, and secure databases by encrypting the underlying database files. Clients utilising this solution can encrypt pages, images, and scripts to protect web sites from the threat of defacement. Security Administrators may optionally group sensitive files into secure folders, freeing themselves from managing the individual files.

Features:

• Industry-standard encryption for structured and unstructured data
• Transparent to application programs
• Separation of duties between security administration & system administration
• File and protocol agnostic for NAS & SAN storage
• Minimises deployment costs, complexity, and risk
• Flexible, customisable alert and reporting formats for analysis and compliance requirements