The secure harbor for your encryption – flexible and scalable – without modification of your IT systems.
secRT is the technological basis of all eperi products. As a joint Open Source development with the German Federal Office for Information Security (BSI), the secRT encrypts data and protects against unauthorized access and modification. secRT administers all required keys outside the IT systems to be protected in the secure secRT environment. Security Administrators assign the appropriate rights to users and IT administrators. All cryptographic operations are processed outside the databases and applications in the secure secRT environment. Even IT administrators gain no access to the unencrypted data. As the eperi products run in a self-contained environment, they are independent, flexible and scalable.
Easy integration into existing company IT systems
Integrating the eperi Gateways into the existing IT environment is either done as transparent proxy or – in case of databases – using views, triggers and stored procedures. Existing directory services (LDAP, Active Directory, etc.) may easily be embedded by using standard modules. An explicit user configuration within the eperi solution is not required, as this data may just be imported. Issuing certificates is done with just one mouse-click by using the integrated Certificate Authority (CA). Alternatively, the integration of an existing company CA or Trust Center is possible. The eperi Gateway supports standard protocols to directly integrate external certification centers or to import existing certificates/P12-Containers.
In either case the company IT systems remain unchanged, as only standard mechanisms are used. No application modification is required.
How are the eperi Gateways operated?
Your existing standard IT systems as well as individual systems are secured quickly and easily with just a few mouse-clicks. According to your requirements, the eperi Gateways operate in the Cloud or On-Premise as virtual machine or as Java Web application.
- Cloud: The easiest way to operate the eperi Gateways is to have them run in the Cloud. Just start the Gateway as image via a Cloud provider such as SoftLayer.
- On-Premise – as virtual appliance. The eperi Gateways may be operated as virtual machine, e.g. as ESXi image. Directly after successful import into your in-house virtualization server, the eperi Gateways are ready to use.
- On-Premise – as Java Web archive: You may operate the eperi Gateways on your existing Java Application Server. They may be operated on a server engine like Tomcat or another Java Application Server. Operation on a server to be protected is possible as on a dedicated server.
Cloud Access Security Brokers: The Future of Cloud Security
The eperi Gateway acts as a Cloud Access Security Broker (CASB) and offers a solution for the often unregulated use of cloud applications in a company. CASB are located between the cloud user and cloud provider, regulating external data access, which user has access to which applications and their permissions. Gartner IT analysts distinguish between three work procedures for CASB:
- A proxy-like, on-premises gateway
- A host-based agent model
- An API-based, cloud-side SaaS solution
Companies are profiting fourfold from CASB:
- Better internal cloud app monitoring
- Higher IT compliance rate leads to higher legal security
- Better crisis prevention through more precise data flow control
- Additional security layer for sensitive company data
All these strengths allow CASB to provide more security, transparence and trust, making it an ideal entry solution for companies that have so far declined cloud solutions out of fear of external access to their sensitive company data.