Thales has pushed the innovation envelope with the CipherTrust Data Security Platform to remove complexity from data security, accelerate time to compliance, and secure cloud migrations. This next-generation platform is built on a modern micro-services architecture, is designed for the cloud, includes Data Discovery and Classification, and fuses together the best capabilities from the Vormetric Data Security Platform and KeySecure and connector products. CipherTrust Data Security Platform unifies data discovery, classification, data protection, and unprecedented granular access controls with centralized key management – all on a single platform. This results in less resources dedicated to data security operations, ubiquitous compliance controls, and significantly reduced risk across your business.

The CipherTrust Data Security Platform is an integrated suite of data-centric security products and solutions that unify data discovery, protection and control in one platform.

• Discover: An organization must be able to discover data wherever it resides and classify it. This data can be in many forms: files, databases, and big data and it can rest across storage on premises, in clouds, and across back-ups. Data security and compliance starts with finding exposed sensitive data before hackers and auditors. The CipherTrust Data Security Platform enables organizations to get complete visibility into sensitive data on-premises and in the cloud with efficient data discovery, classification, and risk analysis.

• Protect:Once an organization knows where its sensitive data is, protective measures such as encryption or tokenization can be applied. For encryption and tokenization to successfully secure sensitive data, the cryptographic keys themselves must be secured, managed and controlled by the organization. The CipherTrust Data Security Platform provides comprehensive data security capabilities, including file-level encryption with access controls, application-layer encryption, database encryption, static data masking, vaultless tokenization with policy-based dynamic data masking and vaulted tokenization to support a wide range of data protection use cases.

• Control: Finally, the organization needs to control access to its data and centralize key management. Every data security regulation and mandate requires organizations to be able to monitor, detect, control and report on authorized and unauthorized access to data and encryption keys. The CipherTrust Data Security Platform delivers robust enterprise key management across multiple cloud service providers (CSP) and hybrid cloud environments to centrally manage encryption keys and configure security policies so organizations can control and protect sensitive data in the cloud, on-premise and across hybrid environments.

What do Hardware Security Modules do?

A hardware security module (HSM) is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. Hardware security modules act as trust anchors that protect the cryptographic infrastructure of some of the most security-conscious organizations in the world by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device.

What is the purpose of Hardware Security Modules?

Enterprises buy hardware security modules to protect transactions, identities, and applications, as HSMs excel at securing cryptographic keys and provisioning encryption, decryption, authentication, and digital signing services for a wide range of applications.

What Makes Thales the Best HSM Vendor?

Thales Hardware Security Modules provide the highest level of security by always storing cryptographic keys in hardware. They provide a secure crypto foundation as the keys never leave the intrusion-resistant, tamper-evident, FIPS-validated appliance. Since all cryptographic operations occur within the HSM, strong access controls prevent unauthorized users from accessing sensitive cryptographic material. Thales also implements operations that make the deployment of secure HSMs as easy as possible. They are integrated with Thales Crypto Command Center for quick and easy crypto resource partitioning, reporting and monitoring.

Thales HSMs adhere to rigorous design requirements and must pass through stringent product verification testing, followed by real-world application testing to verify the security and integrity of every device.

Thales HSMs are cloud agnostic, and are the HSM of choice for Microsoft, AWS and IBM, providing a “rentable” hardware security module (HSM) service that dedicates a single-tenant appliance located in the cloud for customer cryptographic storage and processing needs.

Thales Luna Network HSM

Thales Luna Network HSM is a network-attached HSM protecting encryption keys used by applications in on-premises, virtual, and cloud environments. Thales Luna Network HSMs are both the fastest and most secure HSMs on the market. Increase your return on investment by allowing multiple applications or business units to share a common HSM platform.

Thales Luna PCIe HSM

An embedded HSM, Thales Luna PCIe HSM protects cryptographic keys and accelerates sensitive cryptographic operations. The ideal solution for dedicated performance or application security use cases.

Thales Luna USB HSM

Thales Luna USB HSM is an USB-attached HSM that is ideal for storing root cryptographic keys in an offline key storage device. Easy implementation for proof of concepts.

Thales Luna Payment HSM

Thales Luna Payment Hardware Security Modules (HSMs) are network-attached HSMs designed for retail payment system processing environments for credit, debit, e-purse and chip cards, as well as internet payment applications.

Thales ProtectServer HSM

Available in network attached and PCIe form factors, Thales ProtectServer Hardware Security Modules (HSMs) are designed to protect cryptographic keys against compromise while providing encryption, signing and authentication services to secure Java and sensitive web applications.

Thales ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware.