Data Security Technology Brief

Data Security Technology Comparisons

Data encryption, tokenization and masking –
what they are and when to use them.

bg dots

Numerous data protection solutions exist in the marketplace today – each designed to protect sensitive data in different ways – making it nearly impossible for data scientists or IT professionals to know which data protection solutions are the best fit for their needs. In this paper, we’ll look at three of the more common data security technologies and how they apply to various use cases.

Sotero Data Security Platform Technology Brief

Learn how the Sotero Data Security Platform works, and how companies use Sotero to achieve previously unattainable business outcomes.
Data Encryption
Data Encryption

What it is
Data encryption is the process of using an encryption key to alter data to render it unreadable to anyone who does not possess the encryption key or who is not an authorized user. The original, sensitive data or plaintext is encrypted via sophisticated algorithms that convert it to unreadable text or ciphertext. Several algorithms exist for encryption, with the most sophisticated being AES, followed by DES, ECC, QKD, and more.

A decryption key is necessary to revert the encrypted data to a readable format.
Where tokenization uses a token to protect data, data encryption uses a key. Tokenization swaps sensitive data for an irreversible, non-sensitive token and stores the original data outside of its original environment. Encryption encodes the content of a data element where it resides with a key shared between those with the right user access controls.

When to use it
Data encryption traditionally has been used to protect data at rest or data-in-motion. However, new encryption solutions – known as data-in-use encryption, also protect data while it is being used or queried. Encryption has multiple use cases, starting with decreasing the impact of a possible ransomware attack, allowing data analysts both internally as well as with third parties to analyze encrypted data without compromising security, as well as protecting from data theft and data breach.

A relatively new use case is the ability to share data with partners and third parties to take advantage of new business opportunities without being concerned that any data can be compromised.

Until recently, organizations frequently avoided encryption solutions as they were difficult and time-consuming to deploy, and they did not allow for encrypted data to be queried or analyzed. But data-in-use encryption removes these pain points by requiring no changes to applications; by having next to no latency; and by not requiring a team of experts to manage the solution. In addition, with data-in-use encryption, encrypted data can be queried or analyzed without the need to decrypt, and they enable organizations to encrypt and manage data in multiple data stores from a centralized platform.

To learn more about data-in-use encryption, here’s a white paper that takes
a deep dive into in-use encryption, what it is and how it works.

Tokenization
Tokenization

What it is
Data encryption is the process of using an encryption key to alter data to render it unreadable to anyone who does not possess the encryption key or who is not an authorized user. The original, sensitive data or plaintext is encrypted via sophisticated algorithms that convert it to unreadable text or ciphertext. Several algorithms exist for encryption, with the most sophisticated being AES, followed by DES, ECC, QKD, and more.

A decryption key is necessary to revert the encrypted data to a readable format.
Where tokenization uses a token to protect data, data encryption uses a key. Tokenization swaps sensitive data for an irreversible, non-sensitive token and stores the original data outside of its original environment. Encryption encodes the content of a data element where it resides with a key shared between those with the right user access controls.

When to use it
Data encryption traditionally has been used to protect data at rest or data-in-motion. However, new encryption solutions – known as data-in-use encryption, also protect data while it is being used or queried. Encryption has multiple use cases, starting with decreasing the impact of a possible ransomware attack, allowing data analysts both internally as well as with third parties to analyze encrypted data without compromising security, as well as protecting from data theft and data breach.

A relatively new use case is the ability to share data with partners and third parties to take advantage of new business opportunities without being concerned that any data can be compromised.

Data Masking
Data Masking

What it is
Data encryption is the process of using an encryption key to alter data to render it unreadable to anyone who does not possess the encryption key or who is not an authorized user. The original, sensitive data or plaintext is encrypted via sophisticated algorithms that convert it to unreadable text or ciphertext. Several algorithms exist for encryption, with the most sophisticated being AES, followed by DES, ECC, QKD, and more.

A decryption key is necessary to revert the encrypted data to a readable format.
Where tokenization uses a token to protect data, data encryption uses a key. Tokenization swaps sensitive data for an irreversible, non-sensitive token and stores the original data outside of its original environment. Encryption encodes the content of a data element where it resides with a key shared between those with the right user access controls.

When to use it
Data encryption traditionally has been used to protect data at rest or data-in-motion. However, new encryption solutions – known as data-in-use encryption, also protect data while it is being used or queried. Encryption has multiple use cases, starting with decreasing the impact of a possible ransomware attack, allowing data analysts both internally as well as with third parties to analyze encrypted data without compromising security, as well as protecting from data theft and data breach.

Sotero Data Security Platform Technology Brief

Learn how the Sotero Data Security Platform works, and how companies use Sotero to achieve previously unattainable business outcomes.

Learn More

To learn more about your data security options, we invite you to contact Sotero to speak with a data security solution specialist.
About Sotero

Sotero is the global innovator and leader in next generation data security. Sotero’s KeepEncrypt™ solutions secure your data by encrypting data at rest, in motion, and in-use with virtually no latency or impact on user experience. Securing data “in-use” enables organizations to realize higher returns and faster time-to-value from their data for mission-critical business use cases, including data analysis, data sharing, and product development.