EncryptRIGHT is an application layer data protection software solution that protects data in storage, in transit, and in use. It delivers encryption, tokenization, data masking and redaction, signing and hashing, as well as control access to critical data based on defined user roles and privileges. EncryptRIGHT abstracts security capabilities from applications, using an external policy engine that any application can access. Security policies are written into the centralized engine and are then synchronized with clients that execute and enforce the policy locally, collocated with the application through Native APIs. EncryptRIGHT can also execute and enforce policy centrally through Web API calls from practically any application running in any environment in the cloud.
EncryptRIGHT leverages strong role-based access controls to define who should be able to access sensitive data, assign appropriate data access permissions, and easily orchestrate unlocking the protected data in a need-to-know manner – delivering static or dynamic data masking that allows each user to access data only to the extent to which they are authorized.
At the heart of EncryptRIGHT is the security database which holds the data protection policy definitions, associated cryptographic keys, and user privileges definitions. Each record is hashed and encrypted, enabling the use of an HSM to add hardware protection to keys and cryptographic processes.