Secure and reliable encryption schemes are essential to protect sensitive information held by individuals, entities, organizations and governments. However, encryption combined with firewalls is no longer strong enough to stop malicious actors from acquiring sensitive data that is being protected. We must deploy new ways to essentially guarantee we are protected against potential cyber treats, both externally as well as internally. Today, if you were to ask most cyber experts, you might hear that there is no system that is 100% un-hackable. We at Eclypses agree with that premise, but with a significant twist. With the use of MicroToken Exchange, when the breach occurs, bad actors are unable to obtain any sensitive data.
Two individuals. (David Schoenberger and Timothy Reynolds), were working within the payment card industry, protecting systems that connected into the back end of the Federal Reserve. While working with clients and protecting transactions to very high levels, request continued to come asking why “Tokenization” could not be applied to both databases and files. After repeated inquiries, David and Tim decided to develop this capability. After several years, they were successful in doing just that.
As the capability was being designed and architected, additional enhancements were made to the Tokenization process they created. For example, their “MicroTokens™”, unlike standard tokens, do not contain any part or piece of the data that is being protected. Another words, the MicroTokens are agnostic. Additionally, depending on client specific needs, within a given system architecture, the MicroTokens are not reused or repeated to protect other pieces of data in the future.
While firewalls and encryption are not strong enough to hold back banks of supercomputers used by foreign actors, most all agree they can penetrate and access most any system they so desire. Where the twist comes in, is what can they get once inside. This is where additional security measures can thwart their efforts. With the advent of a new approach to cyber security on the back end, involving AES encryption, combined with use of a uniquely modified form of Tokenization, technology known as MicroEncryption®, once a bad actor successfully penetrates firewalls and encryption, there is nothing sensitive within that system to steal.
One of the most significant challenges while considering protection schemas is not only the level of security. The data that is most sensitive is also the same data that must remain accessible to those authorized to access it. MicroEncryption, one for of MicroToken Exchange, accomplishes the this while meeting these requirements. Also, important to note, is the fact that not all data contained within a database or file structure is sensitive. For example, if within a database, a record had no known association with an account number, a first/last name, a social security number, an a city and state, there would be correlation to the sensitive data therefore making the remainder of the fields contained, virtually useless to the hacker.
These advancements work off an entirely different premise and methodology relative to current cyber security processes. While It has been repeatedly proven that “Bulk Encryption” is not efficacious in securing data, by MicroEncrypting the information, sensitive data is protected individually, down to the byte level, if that is what is desired, within the system design. This also means that not all data within a system requires encryption. Since the sensitive data is being protected on an individualized basis, it can be returned very rapidly when call upon. While custom solutions and a variety of API’s are available, in most cases a developer only requires access to a MicroEncryption API SDK and they are ready to protect data.
This methodology, while only recently available for commercial use, mitigates the effects of latency, regarding user experiences, while securing most all forms of data like never possible. Tokenization has existed for a long time within the digital arena. Substitution or surrogate key values, or “tokens”, have been used to isolate sensitive data elements from exposure to exploitation (16-character maximum), by replacing them with placeholders.
MicroEncryption like concepts are now providing a security mechanism for both small and larger scale data protection - a feat previously unavailable within the Tokenization protection schemas. Now, through access via an SDK, developers of all sizes can adopt and utilize the schema for projects of all sizes. This includes not only files of all types, but databases, payments, payment processing, information around transactions and more. Its’ attraction is not only its’ ultra-high security, it is rapidly scalable, while fairly simple to deploy. Depending on the complexity of a system, and what items developers determine requires protection, connections have been made in a little as a few hours through published API’s. This service thorough the SDK is both PCI DSS Level 1 compliant as well as HIPAA compliant, allowing for the complaint storage of credit card information and healthcare data.
ESB providers such as Neuron ESB have seen the benefits of MicroEncryption and taken it to the next level by creating a simplified pathway for MicroEncryption to be deployed into many industry standard applications. This reduces programming efforts in more than 40 commercial applications, (Including Microsoft and Oracle), more than 80 percent. You can see why this technology is rapidly becoming a schema of choice.
As MicroEncryption technology evolved, and adoption continues, certain entities requiring data protection expressed the desire to maintain the MicroEncrypted data within their own environment. Banks, Financial institutions, large Enterprises and Government are classic examples. To meet that demand, MicroEncryption is now available as a private hosted solution that can be deployed in a variety of ways, including a client’s own data center or private cloud. As of late, Managed Services Providers, as well as Data Centers themselves, are taking advantage of this new form of hybrid security architecture. MicroEncryption like technology is rapidly becoming a vital tool in their toolbox of options and capabilities.
Taking it to the next step, flexible adaptor based systems were developed that allows any data to transact with any other third-party system, as well as a recurring process scheduling engine that allows an organization to manage business rules which determine when, how often, and what kind of data processing to schedule and generate. These systems include, but are not limited to, payment processing, identity verification, bank systems, account systems, or any data transformation.
Information and registration for a free trial of the recently released Eclypses MicroTokenization SDK can be found at https://certainsafe.com/custom-solutions/ .As the evolution continued, taking industry demands a step further, a Virtual Safety Deposit Box was developed for use by individuals, without requiring any additional programming whatsoever. It utilizes the complete MicroEncryption technology suite to protect the information contained within the Digital Vault. Its’ purpose is to allow for the storage of files, in an ultra-secure Vault, providing a mechanism that enables the storage, ability to share, and the ability to control folders containing files, with ease, speed and efficiency. This gives users the ability to secure any data type including simple text, Word Docs, Excel, x-ray files, video, voice, pictures, top secret documents and more. As an added feature set, individuals can communicate through an Instant Secure Chat, that too uses MicroEncryption to protect the instant chat messaging contained. This platform is called the CertainSafe Digital Safety Deposit Box. I can be found at certainsafe
MicroEncryption as a service, whether through an SDK, or a private instance, due to its ease of use as well as pricing structure, is quickly becoming a favorite of Managed Service Providers of all sizes. As the evolution of data security continues forward, it is believed that MicroEncryption type schemas will be the top choice for those developers requiring the highest levels of security.
The MicroEncryption technology is truly innovative with its ability to scale to future needs and evolve with the new best practices in the security world” said Dan Furman, former CIO of the Federal Improvement Team. By tokenizing data and storing it fully encrypted, the data becomes both usable directly from the secure datacenter and simultaneously meets and exceeds industry standards and regulations. In addition, value can be gained from processing the data onsite and avoiding the potential security failure point, as data must move to an analysis server. From Personally Identifiable Information (PII) and Health Insurance Portability and Accountability Act (HIPAA) mandated data restrictions to user password tokenization, the need for usable and secure data has never been so great. Companies of all sizes who store any information about their customers, employees, patients or partners must be conscious of how to protect this information.
Unlike other security solutions, MicroEncryption technology is lightning fast and currently being scaled to enable over 60 million secure actions per second in test portal environment. “Thanks to this new breakthrough in technology, MicroEncryption offers everyone access to the same speed and security as the billion-dollar giants” said Mr. Fioto, Chairperson and CEO of RACE.
"Eclypses, with the invention of MicroEncryption, has cracked the code on how to properly secure data that's both at rest and at motion." Richard Marshall, former director of Global Cybersecurity Management for the US Department of Homeland Security
“I've closely investigated the MicroEncryption technology and am confident it is the most secure method for sharing and storing data, bar none.” Former Chairman of the House Intelligence Committee
"The Eclypses approach to cloud security may be the most brilliant and effective that I've seen to date, in an area that is critical if Net-based commerce, applications, and transactions are to go forward." Mark Anderson, FiRe chair and CEO of the Strategic News Service
A new data security paradigm is required to secure sensitive data in the event of a perimeter defense breach. This new paradigm must ensure that only the right people get access to the right information at the right time. The MicroEncrypted Digital Vault capabilities ensure that data at rest and data in motion remain unavailable to exploitation even in the event of traditional network defense breach. These types of MicroToken Exchange technology solutions are applicable on a global basis across dozens of industries including healthcare, financial services, hospitality, retail, energy/smart grid, supply chain management and government service sectors. The innovative processes make data stored fully usable and accessible while maintaining the highest levels of security. With MicroEncryption like technology deployed, users can store HIPAA, PCI, PFI, PHI, PII as well as other types of sensitive data requiring compliance.