Protection Against
Data Leaks & Ransomwares
Klave DB is the quickest way to protect existing databases. It is designed to precisely protect sensitive data, keeping all valuable and critical data encrypted while leaving the rest untouched.
Why Klave DB?
All databases should be protected with encryption in transit and at rest. This eliminates many common vulnerabilities, but it doesn’t fully protect your data.
If the system is compromised, attackers can still access decrypted information. So can high-privileged users. To truly protect data, additional layers of security are essential.
Without Klave DB | With Klave DB | |
---|---|---|
Database Administrators | ||
Cloud Administrators | ||
Server Administrators | ||
Server Administrators | ||
Hackers |
Data Stays Where It Is
Klave DB is designed to protect existing / legacy databases. It encrypts sensitive columns, ensuring that even if someone gains access to the database, there isn’t any sensitive or valuable information to leak.
How Does Klave DB Work?
Klave DB automatically generates encryption keys and stores them in a secure enclave. The encryption key never leaves the enclave and remains inaccessible to high-privilege users. Learn more about encryption keys.
Klave DB acts as a proxy for SQL queries and transactions that process encrypted data. The rest of the architecture remains unchanged, greatly reducing the cost of securing your databases.
See Klave DB in Action
A Data Protection Solution
Klave DB is a cybersecurity solution designed to mitigate the risk of data leakage from unauthorised users.
Klave DB will blindly transform APIs queries. If an API is designed to reveal a large amount of critical data to an authorised user, then the data will be revealed. Klave DB is not a privacy-by-design solution, but APIs can be updated with privacy techniques to protect data from authorised users. Learn more about privacy techniques.
Klave DB Comparison
Microsoft’s Always Encrypted uses secure enclaves to protect the data and mitigate the risk from unauthorised users, but it comes at the cost of moving the database to Azure. This is not always possible.
Klave DB also uses secure enclaves, but only to orchestrate column encryption.
Standard Database | Microsoft Always Encrypted | Klave DB | |
---|---|---|---|
Protects sensitive data against Database Administrators | |||
Protects sensitive data against Server Admins | |||
Protects sensitive data against Cloud Admins | |||
Protects sensitive data against hackers | |||
Data remains where it is |
Get Started with Klave DB
You don't need to be a security expert to secure your database. Klave DB handles the hard parts so you can focus on what matters most.