CS:Govern Overview

CS:Govern adds rich transparent field encryption capabilities to the entire suite of CapStorm® products. With CS:Govern you can:

    1. Force fields in a CopyStorm backup to be encrypted automatically, without changing any of your current backup processes.
    2. Inherit encryption and compliance categories from Salesforce/Shield® and automatically apply the same rules in a CopyStorm backup.
    3. Control CopyStorm decrypted field access based on database user/role rules you define.
    4. Control encryption keys yourself or use CS:Govern’s built-in support for industry-standard encryption (example: AES256).

Why would a CopyStorm customer want to add CS:Govern capabilities?

    1. A customer wants a complete backup of Salesforce — including all data which is encrypted in Salesforce.
    2. A customer wants to safely use their CopyStorm backup for reporting and analytics without exposing sensitive data to all database users.
    3. A customer wants to adhere to all compliance and regulatory requirements throughout the Salesforce backup environment.

How Does CS:Govern Work?

CS:Govern employs a technique called Transparent Data Encryption (TDE) to achieve a security-compliant CopyStorm database. In a TDE implementation:

    1. An application writing to a database does not know that certain fields are being encrypted.
    2. An application writes to database fields the same way whether the fields are encrypted or unencrypted; encryption happens automatically.

CS:Govern achieves TDE by dynamically generating and installing code into a CopyStorm database based on the security rules supplied by a customer. The only way to bypass the security code installed by CS:Govern is to explicitly delete the CS:Govern code as a database administrator (i.e. a high-level, high-privilege bad actor is required).

In addition, CS:Govern has exactly one component that should be kept secret from normal database users — the encryption key store.

Making decryption totally transparent is pretty much impossible to do unless a person writes to the database engine. What CS:Govern does instead is generate database access code for every table under CS:Govern management. The code determines whether the current database session user has access to a field and returns the field’s unencrypted value if access is allowed (based on CS:Govern rules) or its masked value otherwise. Naturally, CapStorm’s applications automatically generate database queries that include CS:Govern access code wrappers. Other applications can do the same or, for simplicity, create a database view that uses the CS:Govern wrappers.

CS:Govern is, at a minimum, an intelligent dynamic SQL function and trigger generator that reacts to administrative changes to the selected fields to be Governed, the masking rules, and the associated compliance categories.
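
The pattern described above (an encrypting trigger, an access wrapper that checks the session user, and a view built on the wrapper), written out for PostgreSQL with pgcrypto as an added example. It is not code generated by CS:Govern; the schema, table, role and function names, the mask and the key are hypothetical, and it assumes PostgreSQL 11 or later with pgcrypto not yet installed.

```sql
-- Added illustration, not CS:Govern output. Assumes PostgreSQL 11+ and that pgcrypto
-- is not yet installed. All object names and the key are hypothetical/constructed.
CREATE SCHEMA govern_demo;
CREATE EXTENSION pgcrypto SCHEMA govern_demo;
CREATE ROLE pii_reader NOLOGIN;              -- members may see decrypted values

-- Key store: no grants, so only the owner of the definer functions can read it.
CREATE TABLE govern_demo.key_store (key_id int PRIMARY KEY, secret text NOT NULL);
REVOKE ALL ON govern_demo.key_store FROM PUBLIC;
INSERT INTO govern_demo.key_store VALUES (1, 'constructed-demo-passphrase');
CREATE TABLE govern_demo.contact (id int PRIMARY KEY, name text, ssn text);

-- Write path: the application inserts plaintext; the trigger stores ciphertext.
CREATE FUNCTION govern_demo.contact_encrypt() RETURNS trigger
LANGUAGE plpgsql SECURITY DEFINER SET search_path = govern_demo, pg_temp AS $$
BEGIN
    IF TG_OP = 'UPDATE' THEN
        -- An untouched column already holds ciphertext; do not encrypt it twice.
        IF NEW.ssn IS NOT DISTINCT FROM OLD.ssn THEN RETURN NEW; END IF;
    END IF;
    IF NEW.ssn IS NOT NULL THEN
        NEW.ssn := armor(pgp_sym_encrypt(NEW.ssn,
            (SELECT secret FROM key_store WHERE key_id = 1), 'cipher-algo=aes256'));
    END IF;
    RETURN NEW;
END $$;
CREATE TRIGGER contact_encrypt BEFORE INSERT OR UPDATE ON govern_demo.contact
    FOR EACH ROW EXECUTE FUNCTION govern_demo.contact_encrypt();

-- Read path: decrypt for authorized session users, mask for everyone else.
CREATE FUNCTION govern_demo.read_ssn(stored text) RETURNS text
LANGUAGE plpgsql STABLE SECURITY DEFINER SET search_path = govern_demo, pg_temp AS $$
BEGIN
    IF stored IS NULL THEN RETURN NULL; END IF;
    -- session_user is the login role; current_user would be the function owner here.
    IF pg_has_role(session_user, 'pii_reader', 'MEMBER') THEN
        RETURN pgp_sym_decrypt(dearmor(stored),
            (SELECT secret FROM key_store WHERE key_id = 1));
    END IF;
    RETURN '***-**-****';
END $$;

-- Reporting users get the view only, never the base table or the key store.
CREATE VIEW govern_demo.contact_v AS
    SELECT id, name, govern_demo.read_ssn(ssn) AS ssn FROM govern_demo.contact;
GRANT USAGE ON SCHEMA govern_demo TO PUBLIC;
GRANT SELECT ON govern_demo.contact_v TO PUBLIC;
INSERT INTO govern_demo.contact VALUES (1, 'Ada Example', '123-45-6789');  -- constructed row
SELECT id, name, ssn FROM govern_demo.contact_v;
```

A session whose login role is a member of pii_reader reads the decrypted value through contact_v, while any other session reads the mask. The base table itself holds only armored ciphertext, so the key store table is the one object that has to stay out of reach of normal database users.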

Supported Databases

CS:Govern currently supports Oracle, SQL Server and PostgreSQL.