> Read the whitepaper on our Zero Trust data-level security platform.

Individually encrypt, tokenize, or mask sensitive data to mitigate breaches and stay compliant.

Storage level encryption isn’t effective – Ubiq’s Zero Trust data-level security platform ensures your data is safe no matter where it’s stored, shared or analyzed.

Start for free

Ubiq’s Zero Trust data security platform provides radical protection and effortless compliance.

 

Read the Reviews

 

 

 

 

Storage layer encryption may check a compliance box…. but it doesn’t effectively protect your sensitive data.

Admin credentials can easily bypass storage-layer controls, putting your data at risk of insider and external threats.

Data is only protected when stored, not in use. Usage and sharing require decryption, increasing the risk of exposure.

It lacks fine-grained access controls, forcing you to trust users with full access to sensitive data for analytics.

How It Works

We’ve abstracted the messy and complex world of encryption, tokenization, masking, and key management into a simple API call and elegant integrations, allowing you to confidently secure sensitive data on the client-side in minutes.

New data generated Existing data requested
Data is collected from normal user input or process.
Ubiq API is called locally to secure data.
Data is secured without leaving your environment.
Ciphertext is stored in storage (instead of cleartext).
Data is protected from storage-layer compromise.
User or process requests data.
Ciphertext is retrieved from storage.
Ubiq API is called locally to convert data into plaintext.
Data is converted to cleartext without leaving your environment.
Data is presented to user or process, as per normal.

Store Your Data Securely

 

Keep your data safe no matter where it’s stored.

Since your data is individually secured, you’ll lower risk of unauthorized access by malicious insiders, external attackers, and supply chain threats.

 
 

Confidently Analyze and Share Your Data

 

Grant access permissions to specific identities.

Ubiq integrates with your IDP to provide fine-grained permissions and control over sensitive data, enabling secure analysis and safe sharing, and a Zero Trust data security strategy.

ubiq = require('ubiq-security' 1.0.5)

const credentials =
    new ubiq.Credentials('T31i/+eZAsURqVOO/0WfkGqd',
                         'GyPujOPlRcQu+uF7sZchT0c1BsUMkyqcIlz0ss3FhciS',
                         'AkQ9vGDsUhZPHk+YUSekFEJSP0XzKouEpfMIt6ZvmEfd')

plaintext_data = 'ABC'

encrypted_data = await ubiq.encrypt(credentials, plaintext_data)
console.log(encrypted_data.toString('base64'))

decrypted_data = await ubiq.decrypt(credentials, encrypted_data)

Integrated and Automated Key Management

 

Manage cryptographic keys securely – without additional tools and specialized resources.

Ubiq’s integrated key management automates compliance-driven key management practices and provides secure key storage, eliminating the need and cost of managing your own KMS or HSM.

DATA SECURITY, WITHOUT THE COMPLEXITY.

Customers rule (our) world.

Ubiq’s data-level security allows you to quickly and easily integrate client-side encryption, tokenization, and masking into your environment. This enables you to focus more on enhancing product and customer experiences, while spending less time managing disparate data security and key management tools.

Node.js
Ruby
Python
C
C++
C#
Java
GO
Snowflake 
const ubiq = require('ubiq-security')
                
// Explicitly set the credentials.

const credentials = new Credentials('', '', '')

// Encrypt a block of data.

const encrypted_data = await ubiq.encrypt(credentials, plainntext_data)

// Decrypt a block of data.

const plainttext_data = await ubiq.decrypt(credentials, encrypted_data)

require 'ubiq-security'
include Ubiq

# Explicitly set the credentials.
credentials = Credentials(access_key_id = "...", secret_signing_key = "...", secret_crypto_access_key = "...")

# Encrypt a block of data.
encrypted_data = encrypt(credentials, plaintext_data)

# Decrypt a block of data.
plaintext_data = decrypt(credentials, encrypted_data)

# Require the Security Client.
import ubiq_security as ubiq

# Explicitly set the credentials.
credentials = ubiq.credentials(access_key_id = "...", secret_signing_key = "...", secret_crypto_access_key = "...")

# Encrypt a block of data.
encrypted_data = ubiq.encrypt(credentials, plaintext_data)

# Decrypt a block of data.
plaintext_data = ubiq.decrypt(credentials, encrypted_data)

#include 

struct ubiq_platform_credentials * creds = NULL;
void * ptbuf = NULL, * ctbuf = NULL;
size_t ptlen = 0, ctlen = 0;

/*
 * load credentials from the environment
 * or the credentials file
 */
ubiq_platform_credentials_create(creds);

/* initialize ptbuf and ptlen */
...

/* Encrypt a block of data. */
ubiq_platform_encrypt(creds, ptbuf, ptlen, ctbuf, ctlen);

/* Decrypt a block of data. */
ubiq_platform_decrypt(creds, ctbuf, ctlen, ptbuf, ptlen);

free(ctbuf);
free(ptbuf);

ubiq_platform_credentials_destroy(creds);
#include 
 /*
  * load credentials from the environment
  * or the credentials file
  */
 ubiq::platform::credentials creds;
 std::vector ptbuf, ctbuf;

/* initialize ptbuf */
...

/* Encrypt a block of data. */
ctbuf = ubiq::platform::encrypt(creds, ptbuf.data(), ptbuf.size());

/* Decrypt a block of data. */
ptbuf = ubiq::platform::decrypt(creds, ctbuf.data(), ctbuf.size());
using UbiqSecurity;

/* explicitly set the credentials  */
var credentials = UbiqFactory.CreateCredentials(accessKeyId: "...", secretSigningKey: "...", secretCryptoAccessKey: "..."); 

/* Encrypt a block of data. */
byte[] plainBytes = ...;
byte[] encryptedBytes = await UbiqEncrypt.EncryptAsync(credentials, plainBytes);

/* Decrypt a block of data. */
plainBytes = await UbiqDecrypt.DecryptAsync(credentials, encryptedBytes);
import com.ubiqsecurity.UbiqCredentials;
import com.ubiqsecurity.UbiqDecrypt;
import com.ubiqsecurity.UbiqEncrypt;
import com.ubiqsecurity.UbiqFactory;

// Explicitly set the credentials.
UbiqCredentials credentials = UbiqFactory.createCredentials("", "", "", null);

// Encrypt a block of data.
byte[] plainBytes = ...;
byte[] encryptedBytes = UbiqEncrypt.encrypt(credentials, plainBytes);

// Decrypt a block of data.
plainBytes = UbiqDecrypt.decrypt(credentials, encryptedBytes);
import "gitlab.com/ubiqsecurity/ubiq-go"
var plaintext []byte = ...

// load the default credentials
credentials, _ := ubiq.NewCredentials()

// encrypt a block of data
ciphertext, _ := ubiq.Encrypt(credentials, plaintext)

// decrypt a block of data
plaintext, _ := ubiq.Decrypt(credentials, ciphertext)
# Initialize credentials into the current session
call ubiq_begin_fpe_session(dataset_names, access_key,
secret_key, secret_crypto_access_key);

# Encrypt a block of data.
select ubiq_fpe_encrypt_cache(plain_text, dataset_name);

# Decrypt a block of data.
select ubiq_fpe_decrypt_cache(cipher_text, dataset_name);
​
# Querying encrypted data stored in a table
select name, address, ubiq_fpe_decrypt_cache(sensitive_info, dataset_name) from secure_table;

# Inserting encrypted data to a table
insert into secure_table (name, address, sensitive_info) values ("Jeff", "101 Anywhere St",
ubiq_fpe_encrypt_cache(sensitive_info, dataset_name));
​
# Tear down the Ubiq Session
call ubiq_close_fpe_session(access_key, secret_key);

Integrations galore

Integrations are available for the most popular programming languages, databases and warehouses, API gateways, and SaaS platforms.

Learn more >

  • 30+ integrations
  • Detailed documentation and integration examples
  • Industry standard, NIST-compliant algorithms
  • FIPS 140-2 Level 3-compliant key storage
  • Your data never leaves your environment
  • Simple integrations & scalable APIs
Read the Docs

 

30+ integrations to all your systems

Get radically effective data-level protection. Get Ubiq.

Book a Demo