Baffle’s solution goes beyond simple encryption to truly close gaps in the data threat model. Baffle provides an advanced data protection solution that protects data in memory, in process and at-rest to reduce insider threat and data theft risk.
Unlike homomorphic encryption, Baffle’s pioneering technology achieves what many believe is impossible — processing on encrypted data in a performant manner without modifying applications. Furthermore, the solution is easy to deploy and requires no changes to applications to simplify and save costs on the implementation of encryption.
How Does Baffle Work?
The solution simplifies encryption implementation by delivering application level encryption via an abstracted model that does not require any application code changes. This enables support for commercial off-the-shelf (COTS) apps, custom apps, and cloud migrations without modifying code. In addition, Baffle can also support mathematical operations, sort and wildcard search operations on AES encrypted data reducing breakage in applications caused by traditional encryption methods. (read more on wildcard search here)
Baffle consists of three major components:
- BaffleShield – is an encryption engine that integrates with customer owned keys to encrypt data. BaffleShield operates in a manner that is invisible to applications which enables Baffle to support virtually any application with no code modification. The flexible architecture model allows support for complex encryption scenarios such as API-based communications, machine to machine traffic, and automation workflows.
- Secure Multiparty Compute (SMPC) – SMPC is Baffle’s cryptographic technique to enable computation on encrypted data at speed. The solution takes computational requests — such as sort, wildcard search or a math operation — and breaks the operation apart across distributed stateless servlets and returns the results in encrypted form. This enables operations on encrypted data without ever decrypting the original values of your sensitive or confidential data. (more information on SMPC here)
- BaffleManager – BaffleManager is the management console for the advanced data protection solution. The reality is that deploying encryption is complex and hard. Much harder than it needs to be. BaffleManager streamlines the deployment of encryption by enumerating data schema and mapping keys to confidential data and by virtualizing the key management layer to simplify encryption key management for KMSs or HSMs. The result is less time configuring, re-configuring, rotating and integrating encryption with your apps, and faster deployment times for getting your applications protected the right way.
Sounds Too Good to Be True?
We know our claims are bold, but we continue to convert skeptics time and time again. The cryptographic approach we have taken is sound, and we have enabled a high performance model that delivers on what was previously impossible — secure computation on encrypted data that can used in the real world. Download more info below or request a demo with one of our experts at the top of the page.