End-to-End Encryption
End-to-end encryption (E2EE) is the ability to protect sensitive data throughout its lifecycle, and throughout your organization. Ideally, data is protected from the moment it enters your enterprise, during any transmission, and while at rest on backup devices or as part of an in-use database.
Because data originates in many different ways, on many different computers and devices, no single vendor can provide all the security solutions necessary to achieve E2EE. For example, hardware encryption vendors typically don’t provide firewalls and anti-virus software. Prime Factors’ EncryptRIGHT® provides E2EE software within business applications, and makes it easier to protect your sensitive data through its lifecycle in your organization.
Protecting sensitive data end-to-end requires that you have a formal security plan. First, you must identify the data (e.g. credit card numbers, SSNs) that needs protection. Determine where it enters your enterprise, whether you’ll need to send secure data to partners, and who needs access to clear data. You’ll also need to look at how stored data will be protected while not in use.
Once you have identified the data you need to protect and how that data is used, you can set up EncryptRIGHT to provide data security that conforms to your specific requirements and policies for E2EE. Here's how:
- Central management of all EncryptRIGHT® installations allows security administrators to maintain users, set security policies, create keys, and specify the data fields to protect. These definitions are then automatically distributed to all client computers.
- Security policies within EncryptRIGHT control the creation and use of passwords, the security algorithms your company requires, and which public key certificate fields you require.
- Role-based security ensures that only the right people can maintain and access information. This includes not only the EncryptRIGHT administration, but also use of your own sensitive data. A quorum of multiple users can ensure that critical administrative functions are not performed by a single person.
- The key management system provides for automatic key creation, rotation, deletion, history, and distribution to client computers.
- Sensitive data can be secured at the field or record level.
- The easy-to-use EncryptRIGHT API allows you to integrate security into your applications without requiring security knowledge from the programmer. Because data is secured within your applications, it is protected in transit, at rest and in backup media.
- Unique user IDs and passwords, both within EncryptRIGHT and extended into your own applications, allow you to audit sensitive data access down to the field level. For example, a masked account number can be included in audit entries to allow for access tracking; however, fields marked as sensitive will never be included “in the clear” in audit log entries or trace entries.