X Close

• English
• Japanese
• Simplified Chinese
• Traditional Chinese
• Spanish
• Portuguese

Solutions

• Data Protection:
  • Achieve Compliance:
  • Authenticate Access
  • Cloud Security:
  • Digital Signatures
  • DNSSEC
  • Encrypt Databases & Applications
  • Key Management & Protection
  • Manage Risk & Privacy
  • Protect Classified Networks & Assets
  • Protect Identities
  • Secure a Service-Oriented Architecture (SOA)
  • Secure Endpoints
  • Secure Networks & Communications
  • Tokenization
• Software Licensing & Entitlement Management:
• Industry Solutions:

Let us help you

• Contact Us
• Resource Library
• Technical Support

• Home ›
• Solutions ›
• Data Protection ›

Tokenization

Introduction to Tokenization

When it comes to data security, enterprises are faced with tough regulatory compliance mandates , such as the PCI DSS, PII standards, and HIPAA, as well as an increasing number of state notification laws. The challenge lies in integrating the mandate requirements with complex architectural environments that consist of many disparate systems and network tiers. The workhorses of these architectures are often closed systems— mainframes, third-party databases, enterprise resource planning (ERP) systems, or customer relationship management applications. Protecting these assets can be a daunting task.

Tokenization is not a complicated concept. The system takes sensitive data values and replaces them with values (tokens) of the same size and type. Legacy systems that expect 16 byte credit card numbers or 9 byte Social Security numbers will receive 16 or 9 byte tokens. These tokens will reference sensitive data, but not actually be sensitive themselves. The sensitive data will be encrypted and stored in the tokenization system.

SafeNet Tokenization for Data Protection

SafeNet can provide your enterprise with a full cryptographic tokenization solutionthat can evolve over time into a more comprehensive encryption solution that meets the most complex requirements.

 

With the SafeNet DataSecure tokenization deployment solution:

• Data comes in through a consumer system
• Data is passed through the Secure Message Layer into the Protected Zone
• Token Server calls DataSecure to encrypt the data, stores ciphertext in the Vault and returns a token
• Another consumer system passes tokens through the Secure Message Layer
• Token Server decrypts and returns clear text

• Database Encryption
• DataSecure i430

Common Business Use Cases

• Modern enterprises have a mix of systems that include bespoke systems that are heavily customized and unique to the enterprise, as well as third-party systems that are either actively maintained, legacy and out of date, or created by small market players that are extremely specialized.
• Many enterprises choose tokenization because of integration and code updating issues created from third-party, legacy, and small market systems. However, traditional data protection with strong key management provides the easiest deployment, overall management, and most effective security strategy for comprehensive data protection.
• When deciding which approach is best for your enterprise, investigate the different systems and functions in place, and find a solution that will offer strong encryption and key management, dual control and split knowledge, and robust audit and logging procedures.

• Derek Tumulak, SafeNet’s VP of Product Management, shares his insight on Tokenization: What you need to know before deciding on a data protection strategy.

© 1983-2010 SafeNet, Inc. All rights reserved.