How to Secure JDBC Legacy Applications?

 

If the legacy applications are using JDBC Drivers to retrieve data from data bases, those applications can be secured simply by using the driver provided by CipherWorks. 

 

Unsecured Legacy Applications

Legacy_Before.png

 

Most enterprises move unencrypted sensitive data across many systems. This makes the sensitive data spread all over the enterprise. This kind of ‘sensitive data diffusion’ brings many of the enterprise systems under the scope of compliance; and also makes the data more vulnerable to internal and external threats in multiple systems.  In order to relieve these systems from scope of compliance and to secure the data, it is necessary to encrypt the sensitive data in all the systems. This would require application code changes which is very expensive and disruptive to the operations.

 

Secure Legacy Applications with no code change

 

Legacy_After.png

Legacy applications that use JDBC drivers to read and write to databases can be secured wihtout making any code change. By simply replacing its JDBC driver by CipherWorks JDBC Driver, the Create/Read/Update queries will automatically encrypt/decrypt sensitive data without any change in the applications. Here are the general concepts on how it works:

Data Classification Catalog

Contains the Schema/Table/Column details of the sensitive data that requires semantic encryption.

Privileged Mode

If this mode is enabled, the sensitive data elements in the query will be automatically decrypted before the data is returned to the client. 

Secured Mode 

If this mode is enabled, the sensitive data elements in the queried data will NOT be decrypted when the data is returned to the client. The queried data will be returned to the client in the encrypted form. 

In Privileged ModeSecured Mode, any sensitive data that is inserted or updated will be automatically encrypted before saving the data in the table.