Secure Data-in-Use, in-Transit, and at-Rest in PostgreSQL with NO code changes
Encrypt, tokenize, or mask at field-, row-, and/or column-level
Easier, faster, and better than pgcrypto at protecting data in AWS or Azure
- Meets compliance requirements for GDPR and PCI, including data sovereignty, data residency, and the right to be forgotten
- BYOK support for multi-tenancy at logical database and row-level
- Revoking access to the key makes all copies of the data unreadable
No-Code Implementation
- Baffle is easily implemented with minimal changes to applications and their underlying databases
- Quickly protect data with a variety of encryption methods, without lengthy development of application-level encryption
- SQL statements from application to database are unchanged
High-Performance Architecture
- Baffle has been designed to encrypt/decrypt data at a high rate, with no impact on user experience
- Proxy design ensures no impact to application and database performance
- Modular architecture enables scaling for performance and availability requirements
Cryptographically-enforced Isolation
- Baffle’s encryption ensures each department or customer’s data is compartmentalized from any other customer’s data
- Accessing the data without the key leads to encrypted, anonymized text
- Even data administrators can’t see the data in clear text without proper access