CipherStor Code Example
Encrypting a file with CipherStor is incredibly simple. Just add two lines of code to your .NET or Java application:
// Provide an optional security partition and user role var cipherStor = new CipherStorExt(securityPartition, userRole); // Provide the path to the file, the output path for the encrypted file, // and a boolean of whether or not to compress the encrypted file cipherStor.EncryptLocalFile(filePath, encryptedFilePath, compressFile);
CipherStor in the Cloud
Files transmitted to cloud storage may encrypted via SSL while in-transit. However, once they arrive at the cloud provider, they are often stored in the clear or encrypted with encryption keys residing right in the same service or same cloud provider. CipherStor ensures that your files are encrypted before they ever leave your application. Even if the files are sent over an insecure transport or stored in the clear, the privacy, integrity and confidentiality of the data is always preserved.
When your application reads an encrypted file from cloud storage, CipherStor decrypts the data only within your application. Best of all? The encryption keys are themselves encrypted and stored separately from your application and your cloud provider.
CipherStor’s key management is integrated with CipherDB allowing you to have one unified security model that covers your database and file system for your entire application.
CipherObject works with any cloud provider including
Key Management Integrated
Key Management in CipherStor is unified across all Crypteron agents, regardless of whether it’s CipherDB, CipherStor or CipherObject and regardless of whether it’s from the Java or C# agents. This allows you to use one security model for your entire application or application suite. Your database and file system will have one set of access control rules and security partitions managed from the Crypteron Dashboard. Learn more about Key Management with the Crypteron Dashboard.
Compliance with CipherStor
By using CipherStor’s strong encryption and proper key management that’s 100% in your control, you can comply with your own organization’s security policy or third party standards like HIPAA or PCI (to name a few).
CipherStor satisfies sections of the Security Standards and Safeguards under HIPAA. Security and privacy of patient medical records is impossible to achieve in the cloud paradigm without encryption. A full discussion of how Crypteron can satisfy HIPAA requirements can be found here.
Any company that touches credit card information, must secure that data in order to be PCI compliant. If the data is store in an unstructured data store, it must be encrypted within the storage medium and the encryption keys must be properly managed. Failure to do so cause the vendor to be stripped of its ability to accept credit cards and be subject to hefty fines. A full discussion of how Crypteron can satisfy PCI requirements can be found here.
Under the Hood
CipherStor uses the same encryption as CipherDB to protect your files: FIPS-140-2 certified AES 256 bits in the latest GCM mode. The encryption is so robust that even the National Security Agency (NSA) recommends it for the protection of government and military classified information. In fact AES256-GCM is even permitted to encrypt sensitive data classified as “TOP-SECRET” – the highest classification level possible.
Read the technical specification for more details.