How can you ensure data security and compliance?

In a world full of threats and cyberattacks, securing user data is a priority. In a regulatory environment that gets stronger day-by-day, concern is to guarantee data confidentiality – whether in a data center, or in the cloud, or on-premise.

Eviden_cybersecurity_Trustway_DataProtect-data-protection

Key numbers

0 + years
encryption expertise
+ 0
Certifications & Qualifications
0 %
European cryptography manufactured
+ 0
Crypto experts
+ 0
Worldwide Partners

What is Trustway DataProtect?

Trustway DataProtect is a single, unified platform for key management across environments, geographies, and siloes of encryption deployments to keep your data safe. It offers a comprehensive data encryption solution to provide organizations with the tools and the capabilities to encrypt any data format, including virtual machines, databases, file systems, applications and tokenization. Trustway DataProtect is a complete solution for cloud, virtual and on-premises infrastructures and complies with the most restrictive data privacy regulations like GDPR, eIDAS, HIPAA or PCI DSS.

Trustway DataProtect a centralized Key management Appliance, based on Trustway Proteccio™ HSM as Root of Trust.

Eviden_cybersecurity_trustway_dataprotect

Key benefits

Any data format
Any data format

Works across physical, virtual or cloud deployments

KMIP compatible
KMIP compatible

Integrated with a wide range of KMIP-compatible encryption solutions from diverse vendors

Mode
Mode

Local or remote mode of cryptographic operations

Key storage
Key storage

Policy-driven automated key rotation

Scalability
Scalability

Scalable, and supports Active-Active configuration

Security policy
Security policy

Will insure a seamless deployment and security policy between all your services

Trustway DataProtect, a unified solution - encryption wherever the data is located

Crypto and encryption Software Development Kit (SDK)

The Application encryption connector empowers users to encrypt structured and unstructured data immediately upon generation, safeguarding it before it spread to different environments and infrastructure.

Application encryption connector features built-in, automated key rotation and data re-keying and can also perform a wide range of cryptographic operations including encryption, decryption, digital signing and verification, secure hash algorithms (SHA) and hash-based message authentication code (HMAC).

The solution provides a single interface for logging, auditing, and reporting access to protected data and encryption keys.

Encryption of sensitive and high-volume data

The Database encryption connector provides transparent column-level encryption of structured, sensitive data residing in databases.

The solution enables large amounts of sensitive data to be moved in and out of data stores by efficiently encrypting and decrypting database. No changes are required to applications and Database encryption connector can scale to support multiple data centers in on-premises, virtual and public cloud environments.

The database encryption is done either with CTE,  Application encryption or External Key Management, depending on customer specific needs.

Replacing sensitive data with a token (crypto generated)

Tokenization connector replaces sensitive data with a unique token (surrogate value) that is stored, processed or transmitted in place of the original data.

The solution offers unlimited data type support, including numeric data with spaces or dashes (e.g. credit card numbers, social security numbers), alphanumeric data (e.g. passport, account, email addresses, dates) and original data retrieval formats, such as full clear value or masked.

We can also provide Vaulted tokenization used for specific Database in order to connect tokenized and detokenized data.

Encrypt Virtual Machines (VMs) globally (KMIP based)

Used as a VM connector, KMIP serves as a universal intermediary for key management systems, enabling different software and hardware devices to securely communicate and exchange encryption keys using a standardized approach. This ensures that keys created by one system can be easily shared and utilized by another system without encountering any compatibility problems.

File system level encryption

The File encryption connector guarantees the utmost data security by automating the encryption and the protection of data either at the file level or at the storage device level. This process ensures that unauthorized users can no longer access or read your files.

The File encryption connector provides your organization with the highest level of file security, meeting the most stringent international security standards available.

Certifications

The tamper-proof design of Trustway Proteccio netHSM has been certified with:

  • Common criteria EAL4+ certification
    The cryptographic module
    The communication module
  • ANSSI QR (Enhanced Qualification)
    Highest level of qualification
    The only HSM with Enhanced Qualification
  • European agreements
  • 100% European cryptography
CC EAL4+
CC EAL4+
NATO SECRET
NATO SECRET
ANSSI QR
ANSSI QR
eIDAS
eIDAS
SOG-IS
SOG-IS

Related resources

Trustway DataProtect Factsheet

Trustway DataProtect

Trustway DataProtect is a data encryption platform, based on our Trustway Proteccio™ HSM, for every environment (cloud, virtual, on-premise).

Data Security with a HSM Brochure

Data Security with a HSM

Our Hardware Security Module (HSM) offers software solutions within a highly secure and high-performance environment, enabling the execution of the most sensitive cryptographic operations.

Our team

Antoine Schweitzer-Chaput

Antoine Schweitzer-Chaput

Head of BU Trustway
Corentin Cordier

Corentin Cordier

Cybersecurity Product Owner
Charles Piron

Charles Piron

Global Sales Director

Interested in our Trustway DataProtect solution, contact our cybersecurity experts