As developers, we need to make sure that our applications handle sensitive information securely, especially when dealing with personal information like email addresses and other PII data.
While our shiny new SOC 2 Type 2 badge shows that you can trust us, if you're using CipherStash, you don't actually *need* to trust us — your customers' sensitive data is always secure.
When using CipherStash Proxy, applications can interact with encrypted data in a Postgres database as if it were plaintext. SQL statements are intercepted, parsed, type-checked, and mapped to the configuration specifying the types of encryption to use. In order to make all of this smart magic work to abstract the complexity of searchable encryption, CipherStash Proxy has to handle the nuances of the PostgreSQL wire protocol.
CipherStash Proxy helps teams who need advanced data security controls but don't have the capability or capacity to make changes to their apps. With CipherStash Proxy, developers, devops engineers, and SREs can encrypt their most sensitive data in Postgres databases with zero changes to SQL queries in their apps.
When building a JavaScript or TypeScript application, few concerns weigh more heavily than the secure handling of sensitive data. Whether you're dealing with personal user information, health records, or simply wanting to follow best practices, implementing data protection is critical.
Let's look at how to add Protect.js to a Next.js app that uses the Supabase SDK and server actions to read and insert encrypted data into a Supabase Postgres instance.
CipherStash Proxy keeps your sensitive data in PostgreSQL encrypted and searchable, without changing your SQL queries. This means that you can protect your most sensitive data with strong security controls, without slowing down your dev team.
Protecting data that’s sensitive — such as personal health or financial information — is crucial to building applications that users trust. But getting access control right is a tricky business. Complex requirements and a plethora of tools, as well as performance considerations, can kill dev team productivity.
Exercise, healthy eating, and minimizing alcohol consumption are all preventative measures. We should think of ransomware the same way.
Does the word “compliance” fill you with dread? It doesn’t have to. You probably imagine the time that’s going to be taken away from your important day-to-day work, but as our recent experience at CipherStash shows, there’s another way.
Just in time for the end of the year when people are rushing to finish things off, our gift to you is (drumroll please)... SOC 2 compliance!
We’re excited to announce general availability of CipherStash for DynamoDB, our cutting-edge solution for client-side data encryption and server-side encrypted search in Amazon DynamoDB.
Security outcomes are not just delivered by the security team. How can security teams more effectively work with the rest of the business?
Don't just rely on encryption at rest and in transit to protect your sensitive data. Use searchable encryption to enable encryption in use to harden data privacy in Postgres.
When writing code that deals with sensitive information like passwords or payment data, it's important to zeroize memory when you're done with it. Failing to do so can leave sensitive in memory even after the program is terminated and even end up on disk when the computer uses swap.
Large enterprises face especially difficult data protection challenges posed by the scale and diversity of the data they collect and store, the complexity of enterprise organizational structures, the likelihood of facing targeted attacks, and the difficulty in coordinating thousands of employees to move quickly to mitigate risks.
The effectiveness of your data governance program is determined by how much care and attention you put into the design of its strategy. A well-designed governance strategy sets a sturdy foundation for your framework to click into.
This article will introduce to some PostgreSQL best practices you can implement for access and storage security.
Optus just had Australia's biggest ever data breach. Here's what might have happened and how it could have been prevented.
It turns out there’s heaps we can learn from API security improvements and apply to databases. Here are the top 3!
The OWASP Top 10 has recently been updated, and it has recognised Cryptographic Failures as the #2 vulnerability category.
I spoke to host, Sam Brown about why CipherStash could be a gamechanger for enterprise data security.
We are excited to announce that Dr David Wu, Assistant Professor at the University of Virginia, has joined CipherStash as an official advisor
With data breaches continuing to threaten our privacy and data security, are current data protection schemes enough?
Get started by creating a free account and choosing your integration path, or get in touch to learn more.