Server General TDE

A Data Encryption Service For Cloud Servers

Features

Server General TDE is a data encryption service delivered with help of an agent deployed on the target server. Server General TDE enables data owners to transparently encrypt databases, file servers and directories without having to worry about issues related to key management.

Any Linux Server, Any Cloud Platform
Server General TDE service can be used to encrypt data stored in a Linux server located on any public, private or hybrid cloud. The encryption process does not alter the end-user’s experience. Data can be selectively encrypted based on the sensitivity of the data with different types of encryption algorithms.
It’s Data Encryption Service
Data security and regulatory compliance have become critical issues for private enterprises, public organizations, as well as the government. Managing and securing customer and patient information is a growing concern for IT departments, especially when operating in the cloud. Organizations have been trying hard to comply with many regulations, but the effort necessary often exceeds the capability of small IT groups. Server General TDE service with live monitoring allows organizations to fight against malicious actors who hide behind anonymity that today’s Internet provides. It generally takes less than 30 minutes to install, configure and store keys at a secure location using our service.
Military Grade Encryption
Server General TDE uses the AES encryption algorithm to encrypt data. This is the same algorithm that is used by the U.S. Military to secure their own secrets. Our service is designed to transparently encrypt each and every sensitive data file with a unique and completely random key. The target server can be hosted on a public, private or hybrid cloud.
Low Overhead
Server General TDE has low encryption overhead (typically less than 2%) which results in no material degradation in performance of a database server or a file server.
Protection Against A Malicious Root User
Server General TDE controls access to the protected data sets via advanced access control mechanisms that prevent even the “root” user from accessing the sensitive data sets.
Life-time Key Management
Server General TDE provides robust key management functionality. Different data owners can encrypt their data sets with their own master encryption key on the same machine. Data owners are able to rotate their encryption key to fulfill regulatory compliance requirements. Our service provides key generation, key storage, key rotation and key revocation capabilities.
Store Keys On-Premises
Server General TDE provides an option to store encryption keys on-premises in a secure appliance or within our secure cloud. The customer remains in full and absolute control of their own encryption keys at all times no matter where they are stored.
Role-Based Management
Many solutions cling to old security concepts that result in misplaced trust in the network/system administrator. This completely defies application’s access control logic as intended by the application vendor thereby exposing the application data to a whole host of attacks. The Server General TDE on the other hand segregates management responsibilities based on roles in order to safeguard data.
Log Management
All privileged operations conducted by Server General TDE administrators are logged within and outside of the administrative domain of a customer. This feature provides non-repudiation and is heavily relied upon by auditors.
Battle Hardened Solution
All privileged operations conducted by Server General TDE administrators are logged within and outside of the administrative domain of a customer. This feature provides non-repudiation and is heavily relied upon by auditors.
Based On Open-Source
Server General TDE uses standard encryption functionality, eCryptFS, embedded within the mainstream Linux kernel. This functionality is based on a stackable file system that was developed by Erez Zadok, CTO, Server General Inc.