Overview
For many large enterprises, sensitive data is located on multiple servers across
production, disaster recovery and development systems. The standard ways to “secure”
and restrict the sensitive data can be an involved and expensive exercise, often
having real time operational impact on the business. Conventional methods, requires
security around access control and connectivity to be implemented across all servers
that may handle the sensitive data. Additionally, precautions are taken to also
address physical security where the servers are located.
Randtronics is able to offer an alternate strategy, known as Tokenisation.
This method reduces the number of places where data is stored within an enterprise,
eliminating points of risk and reducing audit scope. Randtronics Tokenisation solutions
generate "format-preserving" tokens that mimic the original data.
The Tokenisation approach, requires minimum effort in identifying parts of the data
structure that is deemed sensitive, and replacing with a “non critical” token. The
real data is encrypted and stored on a separate “token server” system. It is only
this system now that will contain sensitive data & needs to be highly secured. Users
& applications that require access to the sensitive data are transparently allowed
access to the tokens.
Randtronics provides a methodology of combining both Encryption and Tokenisation
technologies to offer organisations options for better security, compliance and
data privacy beyond traditional approaches. Tokenisation builds upon encryption
by replacing sensitive data with tokens.
Data Protection For Any Environment
Randtronics Tokenisation solutions generate "format-preserving" tokens that mimic
the original data. This eliminates the need to modify applications and databases
because the data looks just like they expect it to look, and it's a perfect way
to support development and testing without exposing real production data.
It works in the background, without impacting processes or other applications -
a very elegant and unique approach to protecting all types of customer, employee
and company confidential information. Tokenisation is easily used for legacy environment,
ERP applications and custom in-house systems whereby applying encryption poses challenges.
The tokenisation model also provides easily scalable data masking capabilities for
web, applications and databases. Since the Token values contain the same first and
last letters/digits of the original data, data masking is easily achieved without
the need to ‘reveal’ or ‘decrypt the original data.
Reduce Scope For Compliance
As required by several mandatory compliance standards such as PCI DSS is the requirement
to, restrict & audit access, to deemed sensitive data, wherever it is stored and
whenever it is in transit.
Tokenisation is allowing organisations facing the complexities of industry standards
such as PCI DSS, an option for reducing the scope and impact that are associated
with becoming complaint. Implementing a combined tokenisation and encryption solution
provides an alternative to traditional approaches. Tokenisation is allowing organisations
significantly reduce the scope of systems that are required to be compliant allowing
organisations to overcome budgetary and technical constraints.
Tokenisation removes the scope & expense of addressing the compliance process across
most of the servers, thus reducing the complexity, time and cost of mandatory compliance.
|
|
Contact Us |
|
For more information about this solution feel free to Contact
Us for a free WebEx
|
|
Tokenisation Product Solutions |
Check out
our tokenisation solutions which provide better security, compliance and data privacy.
Click Here to view our product range.
|
|