Data Protection for SaaS

Protect and Control Data with Record-Level Encryption

Baffle Multi-tenant Keys

Baffle’s no code multi-tenant data security with record-level encryption ensures SaaS customers that their data is compartmentalized and under their control

Cryptographically-enforced Isolation

  • Baffle’s encryption ensures each customer’s data is compartmentalized from any other customer’s data
  • Accessing the data without the key leads to encrypted, anonymized text
  • Even data administrators can’t see the data in clear text without proper access

No Code Implementation

  • Baffle is easily implemented with minimal changes to multi-tenant applications and their underlying databases
  • Quickly protect data with a variety of encryption methods, without lengthy development of application-level encryption
  • SQL statements from application to database are unchanged

High-Performance Architecture

  • Baffle has been designed to encrypt/decrypt data at a high rate, with no impact on user experience
  • Proxy design ensures no impact to application and database performance
  • Modular architecture enables scaling for performance and availability requirements

Bring Your Own Key (BYOK)

  • A single tenant key controls the encryption / decryption for a customer;
  • Control of the key, whether by the customer or the SaaS, determines who has access to the data
  • Baffle’s key virtualization layer integrates with HSMs, cloud key managers, and secrets managers to easily source customer-owned keys