CipherStash Tandem helps you protect sensitive data in your SQL databases with no downtime or changes to client applications. Tandem uses encryption-in-use technology, is quick and easy to deploy, and scale to meet the intense demands of any data driven business. Tandem works in-tandem with your existing infrastructure and is fully contained within your environment.
Tandem is a proxy for PostgreSQL databases, ensuring secure data transactions across all applications accessing your data, with no need for modifications to the applications. It encrypts and decrypts data in real time, making encryption-in-use possible for your existing applications and systems. Precision access control and automatic secrets rotation enhance security, allowing for fine-grained access policies while mitigating credential theft risks.
How it works
Tandem deploys as a Docker container which acts as a gateway between applications and your database. The solution is cloud-native and can deploy in public or private cloud, on premise, and on your personal devices.
Tandem maps SQL statements to the corresponding encrypted fields in your database to maintain functionality across all application types.
Leveraging CipherStash's Zero Trust Key Management Service, Tandem encrypts data with a unique key for every record in your database.
Figure: Application architecure using Tandem
Read the whitepaper
If you'd like to learn more about Tandem, please request the whitepaper.