POLICY-BASED ACCESS CONTROLS
You Control Who Sees Encrypted Data
While hackers get a lot of the attention, some of the largest and most notable data breaches have resulted from insider actions -- both accidental and malicious -- most caused by vulnerabilities like broadly defined or excessive access permissions and privileged user escalations. Additionally, the growth in virtualization and software defined data centers has brought with it concerns around shared resources and multi-tenancy.
Techniques such as role-based access, workload isolation and application whitelisting are key towards managing these concerns. DataKeep automatically denies data access to all users unless they have been specifically granted permission using “deny by default”. DataKeep allows you to define access policies that can be as narrow as a specific user, where an individual can only see specific data decrypted, when using a specific hashed process/application on a specific server.
DataKeep™ Protects Your Data Your Brand And Your Reputation
Encrypts personal data-at-rest and manage encryption keys
Manages access to personal data by role or process
Audits data access requests / denials for encrypted personal data
Prepare and Protect with DataKeep
DataKeep is built upon customer-defined policies of who, what, when, where and how users access decrypted data. Only those needing data access are allowed with policies using role-based access control (RBAC), privileged access management (PAM) and default to least privileged access (LPA). DataKeep logs all user data access requests, whether approved or denied, in real time to allow for prompt remediation and logging for compliance audits. DataKeep can leverage templates and REST APIs to help automate policy creation.