Tokenization

Overview


For many large enterprises, sensitive data is located on multiple servers across production, disaster recovery and development systems. The standard ways to “secure” and restrict the sensitive data can be an involved and expensive exercise, often having real time operational impact on the business. Conventional methods, requires security around access control and connectivity to be implemented across all servers that may handle the sensitive data. Additionally, precautions are taken to also address physical security where the servers are located.

Randtronics is able to offer an alternate strategy, known as Tokenisation.

This method reduces the number of places where data is stored within an enterprise, eliminating points of risk and reducing audit scope. Randtronics Tokenisation solutions generate "format-preserving" tokens that mimic the original data.

The Tokenisation approach, requires minimum effort in identifying parts of the data structure that is deemed sensitive, and replacing with a “non critical” token. The real data is encrypted and stored on a separate “token server” system. It is only this system now that will contain sensitive data & needs to be highly secured. Users & applications that require access to the sensitive data are transparently allowed access to the tokens.

Randtronics provides a methodology of combining both Encryption and Tokenisation technologies to offer organisations options for better security, compliance and data privacy beyond traditional approaches. Tokenisation builds upon encryption by replacing sensitive data with tokens.

Randtronics Tokenisation solutions generate "format-preserving" tokens that mimic the original data. This eliminates the need to modify applications and databases because the data looks just like they expect it to look, and it's a perfect way to support development and testing without exposing real production data.

The tokenisation model also provides easily scalable data masking capabilities for web, applications and databases. Since the Token values contain the same first and last letters/digits of the original data, data masking is easily achieved without the need to ‘reveal’ or ‘decrypt the original data.

Reduce Scope For Compliance


As required by several mandatory compliance standards such as PCI DSS is the requirement to, restrict & audit access, to deemed sensitive data, wherever it is stored and whenever it is in transit.

Tokenisation is allowing organisations facing the complexities of industry standards such as PCI DSS, an option for reducing the scope and impact that are associated with becoming complaint. Implementing a combined tokenisation and encryption solution provides an alternative to traditional approaches. Tokenisation is allowing organisations significantly reduce the scope of systems that are required to be compliant allowing organisations to overcome budgetary and technical constraints.

Tokenisation removes the scope & expense of addressing the compliance process across most of the servers, thus reducing the complexity, time and cost of mandatory compliance.

Options for Tokenisation Solutions


Randtronics provides different options for solution architecture and vendor products for Tokenisation, Encryption and Key Management. Randtronics provides the following high level options

  • Tokenisation Vendor Products: Randtronics can deliver vendor product solutions that are setup and installed according to customer requirements. The solution is implemented internally and managed by customer.
  • Managed Tokenisation Services: Randtronics can deliver Tokenisation solutions that are implemented onsite within a customer’s datacentre but completely managed by Randtronics. We ensure the initial and ongoing administration and maintenance of the Tokenisation solution is handle by Randtronics to ensure security and compliance requirements are met.
  • Hosted Tokenisation Services: Randtronics can deliver Tokenisation solutions within either a SaaS or IaaS model, depending on the customer’s preference. The Tokenisation is hosted externally in PCI DSS Level 1 Compliant Datacentre with the storage of Credit Card data no longer within the customer’s environment.

The first step is in choosing the right solution architecture and vendor product. Randtronics provides the expertise to guide you on what the right solution should be. Randtronics provides both technology and services to meet you requirements and in selecting best-fit solution.

What We Offer

Encryption of Files and Folders - Randtronics DPM File



Encryption of Laptops and Desktops - Randtronics DPM File



Encryption of Databases - Randtronics DPM File



Encryption, Masking, Tokenization of Web, Application and Databases - Randtronics DPM Token Manager



Encryption of Metadata in Web, Application and Databases - Randtronics DPM Token Manager



Management of encryption keys - Randtronics DPM Key Manager



Straightforward integration with a HSM - Randtronics DPM Key Manager



Encryption of SAP ERP Systems - Randtronics DPM File and Token Manager



Encryption of Oracle Financials - Randtronics DPM File and Token Manager

footerLogo
Randtronics LLC

303 Twin Dolphin Drive
Suite 600
Redwood City, CA 94065
United States

  • +1 (650) 632 4272
  • +1 (650) 591 9901
Randtronics Pty Limited

S1.1, Level 1, Building A
64 Talavera Road
North Ryde, NSW 2113
Australia

  • +61 2 8873 1999
  • +61 2 9870 8560
  • enquiry@randtronics.com

Randtronics© 2002 - 2018 | Site design by Wolff