Baffle has developed an encryption solution for databases that integrates seamlessly into the cloud migration process before the data leaves the enterprise.
Baffle’s solution allows existing applications such as business intelligence and analytics applications to access and process the AES encrypted data without decrypting it, effectively mitigating the risk of data exposure in the clear at any time in the cloud environment.
Keys used to encrypt and decrypt the data with AES encryption are always in the customer’s control.
Learn more about our AWS Database Migration Services support here or click on the video on the right to see a demo of Baffle integrated with AWS DMS. Read our article on the AWS DMS blog on field level encryption for RDS.
Learn more about our Azure support here.
How Baffle Helps
Secure your cloud migration end-to-end
Only Baffle helps secure structured data migrations from on-premise to cloud infrastructure end-to-end. Integrating with AWS Database Migration Services (DMS) or Azure Migration Services, Baffle encrypts the data during the migration process before it arrives in cloud DB PaaS instances. Post-migration, applications can seamlessly access encrypted data in the cloud ensuring a smooth "lift and shift" migration.
Secures cloud data migration end-to-end
During the cloud migration process, data can be left exposed in the clear in CSV format files or packages. Using Baffle, customers can encrypt data before it leaves their premise and migrate to the cloud platform in encrypted form eliminating data exposure during the migration process.
Supports operations on encrypted data
Baffle’s patented Secure Multiparty Compute (SMPC) technology allows for sort, wildcard search and mathematical operations on encrypted data. This eliminates breakage of application functionality and increases adoption.
Protect data from insider threat
Baffle’s Advanced Data Protection turns the database tier into an AES encrypted brick with no key present. This prevents privileged users from accessing sensitive data records while still allowing them to perform operational tasks.