null

Compliance Made Easy

Unlike other database encryption solutions for MultiValue, ours just works! jBASE encryption brings 256 AES encryption to all jBASE file types and indexes without changing your application.

As demand for data security and integrity continues to increase, organizations are beginning to encrypt critical data inside corporate databases. Industry requirements and the emergence of laws and regulations requiring data protection mean that private information such as medical records, social security and customer credit-card numbers, payroll/benefits data, driver’s license numbers and more need to be kept secure. Just because the doctor can view a patient’s medical records does not mean that they should be open to viewing by a different user (such as the receptionist) running an ad-hoc query.

Built-in data security and protection comes standard in jBASE for no additional cost. Native Data at Rest encryption using the industry-standard AES256 cipher and latest OpenSSL library, now makes it easy to meet increasing compliance requirements. Following recommended practices, jBASE Key Management uses a 2-level key vault. jBASE also includes encryption for spooler data, backup and restore and transaction journaling while maintaining the high performance your users expect.

Unlike other database encryption solutions for MultiValue, ours just works! jBASE encryption brings 256 AES encryption to all jBASE file types and indexes without changing your application. Benefit from the latest encryption algorithms for:

 

  • Strong encryption using AES-256 symmetric cipher
  • Latest OpenSSL library provides cryptographic functions
  • File encryption is stored in encrypted container requiring a separate key for access
  • Simple yet powerful, supports modern encryption algorithms, meets modern data security requirements, easy to configure and manage, fast
  • Best of all, our encryption is safe and easy to implement.

 

 

Workforce Security:

Access control in jBASE is achieved via operating system-level access controls (ownership, group membership, and permissions.)  This provides a standard, powerful way to configure and manage access to resources that are well understood, and that works with most industry-standard monitoring tools.  jBASE is compatible with popular authentication systems including standard Windows, Unix/Linux username/password sets as well as token-based authentication systems.

 

Access Control:

Access control in jBASE is achieved through the use of operating-system-level access controls (ownership, group membership, and permissions.)  This provides a standard, powerful way to configure and manage access to resources that are well understood and that works compatible with most industry-standard monitoring tools.  jBASE is compatible with popular authentication systems including standard Windows, Unix/Linux username/password sets as well as modern token-based authentication systems.  Access to administrative functions can be controlled via operating system access controls and can be limited to only authorized administrative users. jBASE supports audit logging to record changes to data within jBASE.  Auditing levels are granular and configurable.  jBASE allows logging to common logging systems for further convenience and control.

For printed output (spooler), jBASE offers the ability to run multiple spoolers assigned to separate security groups.  A user’s spooled output can be sent to the spooler for that user’s security group thus ensuring segregation of printed content that may contain personal health information.   Additionally, a spooler may be configured to be encrypted content including hold file content.

 

Audit Controls:

jBASE provides a robust, configurable audit logging of all database change events.  The events can be recorded in jBASE’s own audit log, or they can be directed to a separate consumer.  The ability to separate the process that produces the audit content from the process consuming it allows unlimited control and flexibility and allows the audit mechanism to be tailored to work with existing enterprise auditing processes, procedures, and security policies.  Encryption of audit content can be achieved using the above methods.

 

Integrity:

jBASE provides mechanisms for implementing logical data integrity checks to prevent alterations to data that violate prescribed business rules.  jBASE interfaces transmit data using OpenSSL data encryption for the production of data in transit (DIT).  jBASE Encryption protects data at rest (DAR) and permits the secure transmission of Transaction Logs to use by jBASE Transaction Logging and Replication.  jBASE transaction logs can be configured to record events in encrypted or unencrypted form. Encrypted transaction logging data is further protected by OpenSSL during transmission to jBASE replication subscribers.

 

Person or Entity Authentication:

User authentication is performed by the underlying operating system.  jBASE supports popular authentication methods including user/password, Active Directory, LDAP, and token-based single sign-on solutions.

 

Personal Data Security:

jBASE utilizes OpenSSL Data Encryption to protect data in transit (DIT) and also for encryption of data at rest (DAR). The benefits of OpenSSL ensure safe, secure data handling to comply with the requirements of HIPAA.

 

Data Replication:

jBASE’s robust Transaction Journaling subsystem records changes made to any configured jBASE data resource.  It can record these changes in transaction logs (encrypted or unencrypted).  When used in a replication configuration, secure transmission of transaction log content is achieved through OpenSSL encryption.  jBASE Transaction Journaling can be used to achieve compliance with HIPAA contingency planning requirements.

Want to learn more?