Multiple side channel attacks expose sensitive data
CPU Vulnerabilities Allow Programs To Access Data Unfettered
Based on latest reports, there have been four waves of Spectre-class vulnerabilities discovered that allow malicious programs to read sensitive data via side channel attacks. This brings the total count to over 30 vulnerabilities discovered this year alone, and raises questions about new threat models that need to be considered in the security architecture.
These new hardware-based vulnerabilities will create multiple challenges in that they take longer to fix and patch, and as companies move to cloud providers, there are no guarantees for what hardware the applications are running on. Put another way, the computing ground people thought they were all standing on to process data, doesn’t seem as stable given these new security gaps.
Baffle delivers an enterprise-level transparent data security platform that secures databases via a "no code" model at the field or file level. The solution supports tokenization, format-preserving encryption (FPE), database and file AES-256 encryption, and role-based access control. As a transparent solution, cloud-native services are easily supported with almost no performance or functionality impact.
No application code modification required
Deploy in hours
No impact to user
Bring your own key