Yes – you can create and associate multiple unique API keys per Dataset.
Ubiq’s API-first approach is the easiest and most effective way to protect sensitive data from unauthorized access or exposure.
Efficiently manage key lifecycle and algorithm usage, and leverage FIPS 140-2 compliant HSM key storage.
Uniquely protect each sensitive data element, with full audit and logging capabilities in a single dashboard.
Integrate client-side encryption, tokenization, and masking into your environment in minutes, without having to restructure your storage infrastructure.
We enable you to encrypt, tokenize, and mask sensitive data within infrastructure, so attackers, insider threats, cloud providers, and not even Ubiq have access to your data or keys.
Encrypt, tokenize, or mask structured or unstructured data, wherever it lives - databases, data warehouses, files - on-premise or in the cloud.
Integrate data security into applications, databases and datawarehouses, API gateways, and SaaS applications with ease and flexibility.
An efficient, effective approach to protecting sensitive data.
to go live
supported
ubiq = require('ubiq-security' 1.0.5)
const credentials =
new ubiq.Credentials('T31i/+eZAsURqVOO/0WfkGqd',
'GyPujOPlRcQu+uF7sZchT0c1BsUMkyqcIlz0ss3FhciS',
'AkQ9vGDsUhZPHk+YUSekFEJSP0XzKouEpfMIt6ZvmEfd')
plaintext_data = 'ABC'
encrypted_data = await ubiq.encrypt(credentials, plaintext_data)
console.log(encrypted_data.toString('base64'))
decrypted_data = await ubiq.decrypt(credentials, encrypted_data)
We obsess over simplifying the complexities of data security and key management through elegant abstractions, allowing you to avoid the costly and time-consuming acquisition and management of cumbersome tools, or the months spent developing and rolling your own crypto.
An attacker performs a credential stuffing attack to gain access to privileged accounts and plaintext data.
A07:2021 – Identification and Authentication FailuresAn attacker modifies an access control check or metadata to get access to privileged accounts and plaintext data.
A01:2021 – Broken Access ControlThe use of a blind trust application framework allows an attacker to exploit a vulnerable query and get access to plaintext data.
A03:2021 – InjectionAn employee with (database, cloud, etc.) admin access can easily access plaintext data.
Your cloud provider suffers a security breach, which grants attackers access to plaintext data.
You suffer a security breach, and the attackers compromise (database, cloud, etc.) admin credentials to access plaintext data.
Yes – you can create and associate multiple unique API keys per Dataset.
We currently support AES-256-GCM and AES-128-GCM for unstructured data, and the NIST FF1 method for structured data, with support planned for additional algorithms in the future. Please feel free to reach out if you have specific needs.
By default and upon creation, both Primary Keys and Data Encryption Keys are scheduled to rotate annually. You have the flexibility to adjust the rotation schedule to 3, 6, 12, 18, 24, or 36 month intervals.
Data Encryption Keys are stored with your encrypted data within your (customer) infrastructure. Data encryption keys are never sent to Ubiq.
Primary Encryption Keys are stored within FIPS 140-2 Level-3 compliant Hardware Security Modules (HSMs) within Ubiq’s SaaS infrastructure.