As demand for data security and integrity continues to increase, organizations are beginning to encrypt critical data inside corporate databases. Industry requirements and the emergence of laws and regulations requiring data protection mean that private information such as medical records, social security and customer credit-card numbers, payroll/benefits data, driver’s license numbers and more need to be kept secure. Just because the doctor can view a patient’s medical records does not mean that they should be open to viewing by a different user (such as the receptionist) running an ad-hoc query.

Built-in data security and protection comes standard in jBASE for no additional cost. Native Data at Rest encryption using the industry-standard AES256 cipher and latest OpenSSL library, now makes it easy to meet increasing compliance requirements. Following recommended practices, jBASE Key Management uses a 2-level key vault. jBASE also includes encryption for spooler data, backup and restore and transaction journaling while maintaining the high performance your users expect.

Encryption

The new security policy will provide a system-wide framework of encryption for various data aspects of jBASE, and different policies may be stored and implemented.

LEARN MORE

Workforce Security: 

Access control in jBASE is achieved via operating system-level access controls (ownership, group membership, and permissions.)  This provides a standard, powerful way to configure and manage access to resources that are well understood, and that works with most industry-standard monitoring tools.  jBASE is compatible with popular authentication systems including standard Windows, Unix/Linux username/password sets as well as token-based authentication systems.

Access Control: 

Access control in jBASE is achieved through the use of operating-system-level access controls (ownership, group membership, and permissions.)  This provides a standard, powerful way to configure and manage access to resources that are well understood and that works compatible with most industry-standard monitoring tools.  jBASE is compatible with popular authentication systems including standard Windows, Unix/Linux username/password sets as well as modern token-based authentication systems.  Access to administrative functions can be controlled via operating system access controls and can be limited to only authorized administrative users. jBASE supports audit logging to record changes to data within jBASE.  Auditing levels are granular and configurable.  jBASE allows logging to common logging systems for further convenience and control.

For printed output (spooler), jBASE offers the ability to run multiple spoolers assigned to separate security groups.  A user’s spooled output can be sent to the spooler for that user’s security group thus ensuring segregation of printed content that may contain personal health information.   Additionally, a spooler may be configured to be encrypted content including hold file content.

Audit Controls: 

jBASE provides a robust, configurable audit logging of all database change events.  The events can be recorded in jBASE’s own audit log, or they can be directed to a separate consumer.  The ability to separate the process that produces the audit content from the process consuming it allows unlimited control and flexibility and allows the audit mechanism to be tailored to work with existing enterprise auditing processes, procedures, and security policies.  Encryption of audit content can be achieved using the above methods.

Integrity: 

jBASE provides mechanisms for implementing logical data integrity checks to prevent alterations to data that violate prescribed business rules.  jBASE interfaces transmit data using OpenSSL data encryption for the production of data in transit (DIT).  jBASE Encryption protects data at rest (DAR) and permits the secure transmission of Transaction Logs to use by jBASE Transaction Logging and Replication.  jBASE transaction logs can be configured to record events in encrypted or unencrypted form. Encrypted transaction logging data is further protected by OpenSSL during transmission to jBASE replication subscribers.

Person or Entity Authentication: 

User authentication is performed by the underlying operating system.  jBASE supports popular authentication methods including user/password, Active Directory, LDAP, and token-based single sign-on solutions.

Person Transmission Security:

jBASE utilizes OpenSSL Data Encryption to protect data in transit (DIT) and also for encryption of data at rest (DAR). The benefits of OpenSSL ensure safe, secure data handling to comply with the requirements of HIPAA.

Contingency Plan:

jBASE’s robust Transaction Journaling subsystem records changes made to any configured jBASE data resource.  It can record these changes in transaction logs (encrypted or unencrypted).  The transaction logs can be used to recover from data loss events and can also be used to replicate data between jBASE servers.  jBASE Transaction Logging allows for multiple subscribers.  Each subscriber can be configured to apply transaction logs immediately to the target replication set or the application of the logs to the target data may be controlled to apply the changes on set intervals or manually.  When used in a replication configuration, secure transmission of transaction log content is achieved through OpenSSL encryption.  jBASE Transaction Journaling can be used to achieve compliance with HIPAA contingency planning requirements.

Get more information about our data security and encryption tools.