Data-Centric Security for Cassandra Databases

Solution Overview:

Baffle has developed a data-centric encryption solution for Cassandra databases that effectively functions as an abstraction layer for virtually any application or data access function interacting with the back-end data tier.

Without modifying applications, Baffle can support mathematical operations and search as well as automated workflows and machine-to-machine processing on AES encrypted data without decrypting the underlying values.

The solution goes beyond native table or database encryption methods by mitigating privileged access or insider threat risk.

Baffle supports on-premise deployments as well as AWS, Azure and managed provider Cassandra environments. The solution integrates with existing enterprise key management and HSM solutions to support customer-owned keys.

Key Benefits:

  • Secures data in Cassandra environments
  • Integrates with Spark connectors, microservices and API-based methods
  • Encrypts data without breaking application functionality
  • Ensures compliance with data privacy regulations



Key Capabilities:

Advanced Data Protection
Data is encrypted using AES encryption and protected end-to-end: in memory, in use, in search indices, and at-rest.

Support for Customer Owned Keys
Customers always own the keys and integration with enterprise key management, cloud key management and HSMs is supported

Comprehensive Application Support
Application functionality is preserved with Baffle’s solution and no code modification or rewrites are required.

Secure Compute
Baffle supports wildcard search, mathematical operations, and analytics on AES encrypted data.

Flexible Architecture
The deployment model supports traditional multi-tier applications, microservices architecture, and API-based access models

Features and Integrations:

Learn more about our secure computation capabilities here

Read about our partnership with Instaclustr here


Download the Baffle Cassandra Data Sheet

Download Here