Masking, Tokenization and Encryption Made Easy

Protect your PostgreSQL and MySQL databases while BYOK ensures you control access to the data in AWS, Azure, and GCP

  • Meets compliance requirements for GDPR and PCI, including data sovereignty, data residency, and the right to be forgotten
  • Logical database, column-level or row-level protection
  • Revoking access to the key makes all copies of the data unreadable

No-Code Implementation

  • Baffle is easily implemented with minimal changes to applications and their underlying databases
  • Quickly protect data with a variety of encryption methods, without lengthy development of application-level encryption
  • SQL statements from application to database are unchanged

High-Performance Architecture

  • Baffle has been designed to encrypt/decrypt data at a high rate, with no impact on user experience
  • Proxy design ensures no impact to application and database performance
  • Modular architecture enables scaling for performance and availability requirements

Cryptographically-enforced Isolation

  • Baffle’s encryption ensures each department or customer’s data is compartmentalized from any other customer’s data
  • Accessing the data without the key leads to encrypted, anonymized text
  • Even data administrators can’t see the data in clear text without proper access