Modifying your application to protect sensitive data within the application is the best possible data-security you can achieve: it provides the smallest attack-surface and protects data in every other layer below the application-layer in the stack.
When you cannot modify the application (perhaps because you do not have the source), you might still want data-at-rest encryption to ensure that the underlying disk/volume or filesystem is encrypting data as it writes out blocks, and decrypts data as it reads blocks.
StrongKey CryptoDriver is a free and open-source software, based on one of the most popular free and open-source disk/volume-encryption technologies, with one twist: instead of the encryption key being encrypted and stored in the header of the disk/volume, it is escrowed securely within a centralized key-management system, while the kernel driver has been modified to recover the key on boot-up before mounting the disk/volume.
- Create a virtual encrypted disk within a file and mount it as a real disk.
- Encrypt an entire partition or storage device, such as a USB flash drive or hard drive.
- Automatic, real-time (on the fly), and transparent encryption/decryption.
- Parallelization and pipelining to allow data to be read and written as fast as if the drive was not encrypted.
- Hardware-accelerated encryption with modern processors.
- Integration with the StrongAuth KeyApplianceTM
Be the first to post a review of StrongKey CryptoDriver!