A Proven Data Security Methodology for Modern Regulatory Compliance
The modern enterprise architecture is often a complex environment, consisting of many disparate systems and network tiers. The workhorses of these architectures are often closed systems—mainframes, third-party databases, enterprise resource planning (ERP), or customer relationship management applications. Protecting these assets can be a daunting task.
For architects and security stakeholders looking to implement strong data security policy within their existing enterprise architecture, this brief it presents a path toward data security that is not reliant upon retrofitting every closed system.
Introduction to Tokenization
Tokenization is not a complicated concept. The system takes sensitive data values and replaces them with values (tokens) of the same size and type. Legacy systems that expect 16 byte credit card numbers or 9 byte Social Security numbers will receive 16 or 9 byte tokens. These tokens will reference sensitive data, but not actually be sensitive themselves. Sensitive data will be encrypted and stored in the tokenization system.
Tokenization is simple architecturally as well. A standard tokenization system consists of two pieces:
• The Protected Zone, a basic client-server middleware application and database
• The Secure Message Layer, for all necessary systems to input and retrieve sensitive information
A middleware application in the protected zone performs all security functions of authentication, as well as encryption/decryption, and can be involved in token assignment. All databases in the protected zone are responsible for simple storage of encrypted data and its token. Database in the protected zone can be easily locked down, as access should only come from one source, and communication will be highly predictable.
About SafeNet, Inc.
SafeNet is a global leader in information security. Founded more than 20 years ago, the company provides complete security utilizing its encryption technologies to protect data, communications, intellectual property and digital identities, and offers a full spectrum of products including hardware, software, and chips. UBS, Nokia, Fujitsu, Hitachi, Bank of America, Adobe, Cisco Systems, Microsoft, Samsung, Texas Instruments, the U.S. Departments of Defense, State, and Homeland Security, the U.S. Internal Revenue Service and scores of other customers entrust their security needs to SafeNet.
