1. Services
  2. Security
  3. Encryption

Encryption

Encryption In-Transit

When data is in transit between applications, systems or locations it is best protected using appropriate technologies and standards taking into account confidentiality, integrity and availability. For example:

Between …

  • User and Application / Browser and Server
    • TLS/SSL
    • OpenVPN
  • Administrators and Systems
    • TLS/SSL
    • OpenVPN
  • Application and Application / Server to Server / Site to Site
    • TLS/SSL
    • IPSec VPN
  • Application and Database / Server to Server / Site to Site
    • Database Engine
    • TLS/SSL
    • IPSec VPN
  • Backup and System / Site to Site
    • TLS/SSL
    • IPSec VPN
  • Physically / Data to Drive
    • diskAshur Pro2 SED
    • DESLock+ Pro SW

… can be applied.

Please see SSL, VPN and Licensing for more details.

Other Encryption

Application Encryption

Although encryption at other levels is equally important, Encryption/Hashing and Encryption/Decryption of sensitive information is ideally first (after transit) handled by the application layer during input and output, even better if the user can control the keys; reducing the risks/vectors and potential impacts at all other levels.

Database Encryption

Much like application encryption, but often handled within the database engine itself, table/column/field level encryption reduces the risks/vectors and potential impacts at all other levels.

File Level Encryption

Encryption of the files at the operating system level using supported software to encrypt a virtual folder, drive or set of files with decryption occurring on boot or mount until unmounted. This can be provided using the DesLock+ Pro and Enterprise Server licensed products through Pipe Ten’s partnership with ESET.

Full Disk Encryption

Much like File Level encryption full physical or virtual drive encryption at a software level with decryption on boot or mount, can be provided using the DesLock+ Pro and Enterprise Server licensed products through Pipe Ten’s partnership with ESET.

Self Encrypting Disks

In scenarios where critical privacy is required, self encrypting disks provide a hardware device level solution to data at-rest and can out-perform software based solutions. Pipe Ten deploys SED by way of diskAshur Pro2 SED coded storage to address DR scenarios where bulk data collection and physical transit needed, with enterprise server SED drives also supportable.

Transaction Encryption

Pipe Ten has experience in the sourcing and configuration of Thales and similar HSM necessary for communication and transacting with financial markets, services and networks such as Faster Payments or SWIFT.

Licensing Help  Policy ASK

Last modified: 03/05/2019