CS:Govern Overview
CS:Govern adds rich transparent field encryption capabilities to the entire suite of CapStorm® products. With CS:Govern you can:
- Force fields in a CopyStorm backup to automatically be encrypted (without changing any of your current backup processes.)
- Inherit encryption and compliance categories from Salesforce/Shield® and automatically apply the same rules in a CopyStorm backup.
- Control CopyStorm decrypted field access based on database user/role rules you define.
- Control encryption keys yourself or use CS:Govern’s built-in support for industry-standard encryption algorithms (for example, AES256).
Why would a CopyStorm customer want to add CS:Govern capabilities?
- A customer wants a complete backup of Salesforce — including all data which is encrypted in Salesforce.
- A customer wants to safely use their CopyStorm backup for reporting and analytics without exposing sensitive data to all database users.
- A customer wants to adhere to all compliance and regulatory requirements throughout the Salesforce backup environment.
How Does CS:Govern Work?
CS:Govern employs a technique called Transparent Data Encryption (TDE) to achieve a security compliant CopyStorm database. In a TDE implementation:
- An application writing to a database does not know that certain fields are being encrypted.
- An application writes to database fields exactly as it would if they were unencrypted; encryption is applied automatically.
CS:Govern achieves TDE by dynamically generating and installing code into a CopyStorm database based on the security rules supplied by a customer. The only way to bypass the security code installed by CS:Govern is to explicitly delete the CS:Govern code as a database administrator (i.e., a high-level, high-privilege bad actor is required).
In addition, CS:Govern has exactly one component that should be kept secret from normal database users — the encryption key store.
Making decryption totally transparent is practically impossible without modifying the database engine itself. What CS:Govern does instead is generate database access code for every table under CS:Govern management. The code determines whether the current database session user has access to a field and returns its unencrypted value if access is allowed (based on CS:Govern rules) or the field’s masked value otherwise. Naturally, CapStorm’s applications automatically generate database queries that include the CS:Govern access code wrappers. Other applications can do the same or, for simplicity, query a database view that uses the CS:Govern wrappers.
CS:Govern is, at a minimum, an intelligent dynamic SQL function and trigger generator that reacts to administrative changes to the selected fields to be Governed, the masking rules, and the associated compliance categories.
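The access-wrapper, trigger and view pattern described above, shown as an added illustration on PostgreSQL (one of the supported databases). This is hypothetical example code, not CS:Govern's generated code; the table, role, function and key names are assumptions, and the key value is a constructed sample.

```sql
-- Hypothetical illustration of the TDE pattern above on PostgreSQL with
-- pgcrypto; not CS:Govern's generated code. All names are assumptions.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

-- Key store: the one component kept secret from normal database users.
-- Only the owner can read it; the wrapper functions below read it via
-- SECURITY DEFINER, so callers never need direct access to the key.
CREATE TABLE govern_keys (key_name text PRIMARY KEY, key_value text NOT NULL);
INSERT INTO govern_keys VALUES ('contact_ssn', 'constructed-sample-key');

-- Role whose members may see the decrypted value.
CREATE ROLE pii_reader;

-- Backup table: the governed field holds ASCII-armored ciphertext.
CREATE TABLE contact (id text PRIMARY KEY, name text, ssn__c text);

-- Write side: applications insert plaintext; a BEFORE INSERT trigger
-- encrypts it, so the writer does not know the field is governed.
CREATE FUNCTION govern_encrypt_contact() RETURNS trigger
LANGUAGE plpgsql SECURITY DEFINER AS $$
DECLARE k text;
BEGIN
  SELECT key_value INTO k FROM govern_keys WHERE key_name = 'contact_ssn';
  IF NEW.ssn__c IS NOT NULL THEN
    NEW.ssn__c := armor(pgp_sym_encrypt(NEW.ssn__c, k));
  END IF;
  RETURN NEW;
END $$;
CREATE TRIGGER contact_govern_encrypt BEFORE INSERT ON contact
FOR EACH ROW EXECUTE FUNCTION govern_encrypt_contact();

-- Read side: the wrapper decrypts for authorized session users and returns
-- the masked value otherwise. session_user is checked, not current_user,
-- because inside a SECURITY DEFINER function current_user is the owner.
CREATE FUNCTION govern_read_contact_ssn(ciphertext text) RETURNS text
LANGUAGE plpgsql STABLE SECURITY DEFINER AS $$
DECLARE k text;
BEGIN
  IF ciphertext IS NULL THEN RETURN NULL; END IF;
  IF pg_has_role(session_user, 'pii_reader', 'MEMBER') THEN
    SELECT key_value INTO k FROM govern_keys WHERE key_name = 'contact_ssn';
    RETURN pgp_sym_decrypt(dearmor(ciphertext), k);
  END IF;
  RETURN 'XXX-XX-XXXX';  -- masking rule for unauthorized users
END $$;

-- View other applications can query instead of wrapping queries themselves.
CREATE VIEW contact_v AS
SELECT id, name, govern_read_contact_ssn(ssn__c) AS ssn__c FROM contact;
GRANT SELECT ON contact_v TO PUBLIC;
```

A member of pii_reader selecting from contact_v gets the plaintext and any other user gets 'XXX-XX-XXXX', while a direct SELECT on contact yields only the ciphertext.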
Supported Databases
CS:Govern currently supports Oracle, SQL Server and PostgreSQL.