The well-established shared responsibility model for cloud security says that you are responsible for securing your data in Infrastructure-, Platform, and Software-as a Service (IaaS, PaaS and SaaS) environments. It’s a multi-cloud world, and Dymar can help achieve full cloud data security.

Dymar provide security solutions enables nearly any cloud environment to be a trusted and compliant environment by solving the critical challenges of data governance, control, and ownership.

The shared responsibility model for cloud security exists because in spite of the convenience, cost-savings, and even centralizations of IT expertise in the cloud, data breaches in and from the cloud are real. But why do breaches in the cloud happen? The answers can be found in several, preventable ways:

  • Human error can still occur, perhaps exacerbated by self-service and varying security controls across different IaaS/PaaS and SaaS providers. Multi-cloud means learning new policies and cloud- and identity-security solutions.
  • Vulnerabilities happen in software, hardware and firmware, whether on-premises or in the cloud.
  • Insiders include both cloud infrastructure administrators plus your administrators with elevated privileges in the cloud. In IaaS, OS root users have too much visibility, with admin credentials targeted and compromised – sometimes the same passwords used in the cloud as on-premises. And with certain types of encryption, privileged users can see data in the clear for all users.
  • Even with encryption, there remains the risk of poor practices for encryption keys, which truly require enhanced control and separation between encrypted data in the cloud and the keys.

Secure your data in motion across the cloud. Encrypt your virtual machine instances. Protect your files, folders and shares transparently in the cloud

Secure your applications in the cloud. Protect your databases in the cloud. Application-level tokenization service

Key lifecycle management across clouds

Strengthen security
Centrally manage and broadly deploy security policies to reduce the cost and effort of securing cloud services and managing the keys for disparate security solutions.

Ensure compliance and provide detailed audit trails
Encryption ensures that your data is unreadable even if breached. With a unified, cohesive view of cryptographic activity across your enterprise’s cloud-based and on-premises operations, organizations can much more readily track and comply with all relevant security and privacy mandates, dramatically reducing audit durations and costs.

Reduce security and IT costs
Leverage proven, repeatable, and documented processes. With centralized, efficient processes for managing policies and cryptographic keys, both upfront cost and ongoing administration efforts are minimized whatever cloud you are using.

Increase IT and business agility
Adapt to changing requirements and challenges. Roll out quickly and effectively, taking advantage of the cloud’s agility to support your business objectives—without making any compromises in security.

CipherTrust Data Security Platform

As security breaches continue to happen with alarming regularity and data protection compliance mandates get more stringent, your organization needs to extend data protection across more environments, systems, applications, processes and users. With the CipherTrust Data Security Platform from Thales, you can effectively discover, protect and control your organization’s sensitive data anywhere with next-generation unified data protection. efficiently address compliance requirements, regulatory mandates and industry best practices for data security. With a unified management console, it makes it easy to set policies, discover and classify data, and protect sensitive data wherever it resides using the CipherTrust Data Security Platform products.


CipherTrust Manager

CipherTrust Manager offers the industry leading enterprise key management solution enabling organizations to centrally manage encryption keys, provide granular access control and configure security policies. CipherTrust Manager is the central management point for the CipherTrust Data Security Platform. It manages key lifecycle tasks including generation, rotation, destruction, import and export, provides role-based access control to keys and policies, supports robust auditing and reporting, and offers developer friendly REST API.


CipherTrust Transparent Encryption

CipherTrust Transparent Encryption delivers data-at-rest encryption with centralized key management, privileged user access control and detailed data access audit logging. This protects data wherever it resides, on-premises, across multiple clouds and within big data, and container environments.

The deployment is simple, scalable and fast, with agents installed at operating file-system or device layer, and encryption and decryption is transparent to all applications that run above it. CipherTrust Transparent Encryption is designed to meet data security compliance and best practice requirements with minimal disruption, effort, and cost. Implementation is seamless keeping both business and operational processes working without changes even during deployment and roll out. The solution works in conjunction with the FIPS 140-2 up to Level 3 compliant CipherTrust Manager, which centralizes encryption key and policy management for the CipherTrust Data Security Platform.


CipherTrust Application Data Protection

CipherTrust Application Data Protection offers developer-friendly software tools for encryption key management as well as application-level encryption of sensitive data. Protecting data at the application layer can provide the highest level of security, as it can take place immediately upon data creation or first processing and can remain encrypted regardless of its data life cycle state – during transfer, use, backup or copy. The solution is flexible enough to encrypt any type of data passing through an application.
CipherTrust Application Data Protection can be deployed on premises or in private or public cloud infrastructure to secure data even when it is migrating from one environment to another, without any modifications to existing encryption or data processing policies.