Baffle Architecture

Does Real Queryable Encryption mean there is a Fake Queryable Encryption?

TLDR There is no “fake” queryable encryption, but a certain NoSQL database provider has coined the term “Queryable Encryption”, and Baffle has something to say about that. Background To understand real queryable encryption, we must first understand the encryption offerings that already exist. The first encryption offerings to examine are ... Read More
Envelope Encryption

Data Residency Compliance using Baffle and BYOK

Baffle provides strong encryption and data key management, while also allowing our customers and their tenants to “bring your own key” (BYOK) or “hold your own key” (HYOK) for maximum control over their sensitive data. Baffle’s powerful and flexible architecture will drop into your current infrastructure without application code changes ... Read More
Envelope Encryption

Data Residency Compliance using Baffle and BYOK

Baffle provides strong encryption and data key management, while also allowing our customers and their tenants to “bring your own key” (BYOK) or “hold your own key” (HYOK) for maximum control over their sensitive data. Baffle’s powerful and flexible architecture will drop into your current infrastructure without application code changes ... Read More
Azure Responsibility Matrix

Baffle’s Proxy Architecture

Baffle implements database encryption and role-based access control using a reverse proxy configuration that operates at the SQL session layer. This blog will explore what that means and compare it to competing API and agent-based architectures. The post Baffle’s Proxy Architecture appeared first on Baffle ... Read More
Data Tokenization and Masking with Baffle in Amazon Redshift

Data Tokenization and Masking with Baffle in Amazon Redshift

Security and compliance for sensitive data in your cloud data pipeline and warehouse while running data analysis. The post Data Tokenization and Masking with Baffle in Amazon Redshift appeared first on Baffle ... Read More
A look into the file-transfer attack (and how to protect your data)

A look into the file-transfer attack (and how to protect your data)

A discussion of recent Fortra, Accellion, and Progress Software file transfer attacks and the security measures that could be used to prevent them. The post A look into the file-transfer attack (and how to protect your data) appeared first on Baffle ... Read More

Launch of Baffle Manager v2

Baffle is constantly striving to be the easiest way to protect sensitive data.  We do this with a data-centric approach that protects data as it is created, used, and shared across the enterprise, from on-premises data centers to the cloud. The Baffle suite includes a no-code solution to mask, tokenize, ... Read More
Scrabble TDE

Transparent Data Encryption is Not Enough

Security for an earlier time One of the biggest challenges with security is understanding the threats and how to properly defend against them. Just because the data is encrypted “at-rest” and you can make the auditor go away, doesn’t mean the data is protected against the real threats of the ... Read More
Encrypted keys

Data Encryption Methods and their Advantages and Disadvantages

Protecting data has become a critical part of every organization’s operation. However, choosing the best method of data encryption can be difficult with all the available options.   Here we discuss the various encryption methods available, the strengths and weaknesses of each, and approaches to simplify data encryption. Data Encryption ... Read More