Simplifying TISAX Compliance: Encryption
Encryption is the strongest form of data protection, making it nearly impossible for anyone to read sensitive data without access to the correct decryption key.
In Section 5.1.1 of the assessment, TISAX standards call for sensitive data to be protected with encryption both at rest and as it moves. Encryption isn’t just a checkbox here, however. The role of both key management and strong encryption algorithms must also pass muster.
Data at Rest and in Transit
Few technologies, however, can do both at-rest and in-transit encryption, and even fewer combine that capability with enterprise-class key management. PKWARE’s data security platform can apply its persistent strong encryption to files, which stay protected wherever the files go—both at rest and in transit.
Transparent encryption provides protection for data at rest. When transparent encryption is applied, the protection is removed before data is accessed. For example, when an authorized user copies a file from a file server, this makes the encryption process “transparent” to end users, but also means data exists in the clear any time it is moved or copied from the protected location. The two most common forms of transparent encryption are full disk encryption and file system encryption.
Persistent encryption is encryption that travels with data as it is shared, copied, and moved from one system or user to another. Depending on whether the encryption is applied to structured data (fields in a database) or unstructured data (files on servers, laptops, desktops, and mobile devices), persistent data encryption can be categorized as either field-level encryption or persistent file encryption.
>>Learn more about PKWARE’s encryption capabilities by downloading this data sheet.<<
. . . Plus Enterprise Key Management
Generally considered the most challenging aspect of enterprise-wide encryption, key management involves a variety of functions, including key generation, key storage, key exchange, and key rotation. While reliable encryption algorithms and hash functions have existed for decades, an optimal approach to key management has remained elusive. PKWARE supports the management of millions of keys and certificates, suitable for every organization from every industry.
Organizations can use PKWARE’s Smartkey technology, which associates keys with user identities and provides complete organizational control over access to encrypted data.
See how encryption and key management from PKWARE can support your TISAX compliance journey with a free demo.
Ben Meyers March 13, 2024
