How to Secure Legacy Applications?
CipherWorks provides tools for securing the legacy applications without requiring any code changes in the legacy applications. If the legacy applications are using JDBC Drivers to retrieve data from data bases, those applications can be secured simply by using the driver provided by CipherWorks.
Unsecured Legacy Applications
Most enterprises move unencrypted sensitive data across many systems. This makes the sensitive data spread all over the enterprise. This kind of ‘sensitive data diffusion’ brings many of the enterprise systems under the scope of compliance; and also makes the data more vulnerable to internal and external threats in multiple systems. In order to relieve these systems from scope of compliance and to secure the data, it is necessary to encrypt the sensitive data in all the systems. This would require application code changes which is very expensive and disruptive to the operations.
Secure Legacy Applications with no code change
Legacy applications that use JDBC drivers to read and write to databases can be secured wihtout making any code change. By simply replacing its JDBC driver by CipherWorks JDBC Driver, the Create/Read/Update queries will automatically encrypt/decrypt sensitive data without any change in the applications. Here are the general concepts on how it works:
Data Classification Catalog
Contains the Schema/Table/Column details of the sensitive data that requires semantic encryption.
If this mode is enabled, the sensitive data elements in the query will be automatically decrypted before the data is returned to the client.
If this mode is enabled, the sensitive data elements in the queried data will NOT be decrypted when the data is returned to the client. The queried data will be returned to the client in the encrypted form.
In Privileged Mode & Secured Mode, any sensitive data that is inserted or updated will be automatically encrypted before saving the data in the table.