As enterprises seek to protect data from cybercriminals, internal theft or accidental loss, encryption and key management have become increasingly important. No one needs to be reminded of the many high-profile, reputation-damaging and costly data breaches that have occurred over the past few years.
To protect consumers, industry organizations like the Payment Card Industry (PCI) have instituted security mandates such as the Data Security Standard (PCI DSS), and governments have passed numerous privacy and state breach notification laws. While these mandates and laws require companies to take certain steps to protect consumer and patient information, companies are also faced with protecting confidential information ranging from employee records to intellectual property. This almost always means finding the best way to secure many types of data stored on a variety of hardware, from mobile devices to desktops, servers and IBM mainframes, across many different applications, databases and storage media.
Companies typically rely on strong local encryption to protect data, but this approach has some challenges. Encrypted data takes more space than unencrypted data. Trying to fit the larger cipher text of a 16-digit credit card number back into the 16-digit field poses a “square peg into a round hole” kind of storage problem, with consequences that ripple through the business applications that use the data.
To store encrypted values in place of the original data often requires companies to contract for costly programming modifications to existing applications and databases. Moreover, for businesses that must comply with PCI DSS, any system that contains encrypted card data is “in scope” for PCI DSS compliance and audits. Every in-scope system adds to the cost and complexity of compliance. Further, as some companies have learned the hard way, being compliant doesn’t equate to being secure. Breaches have occurred in companies that had taken the necessary steps to pass PCI DSS compliance audits.
To reduce the points of risk and the scope of PCI DSS audits and provide another level of security, a new data security model—tokenization—is gaining traction with those responsible for protecting all confidential information in an IT environment.
What Is Tokenization?
Tokenization is an alternative data protection architecture that’s ideal for some organizations’ requirements. It reduces the number of points where sensitive data is stored, which makes that data easier to manage and more secure. With tokenization, rather than returning encrypted data to the originating database or application, a token, or surrogate value, is returned and stored in place of the original data. To maintain some of the business context of the original value, certain portions of the data can be retained in the token that’s generated. The token is then a reference to the actual cipher text, which is usually stored in a central data vault and which might reside on an IBM mainframe. This token can then be safely used by any file, application, database or backup medium, minimizing the risk of exposing the actual sensitive data.
Because users can control the token format and because the token is consistent for all instances of a particular sensitive data value, business and analytical applications continue seamless operation.
Since tokens aren’t mathematically derived from the original data, they’re safer than exposing encrypted values. A token can be safely passed around the network among applications, databases and business processes, with the encrypted data it represents securely stored in the central repository. Authorized applications that need access to encrypted data can retrieve it only with proper credentials and a token issued from a token server, providing an extra layer of protection for sensitive information and preserving storage space at data collection points.
Tokenization not only addresses the unanticipated complexities introduced by traditional encryption but also minimizes the number of locations where sensitive data resides, because the cipher text is stored only centrally. This helps organizations simplify operations and reduce the risk of a breach. Replacing encrypted data with tokens gives organizations a way to reduce the number of employees who can access sensitive data, dramatically lowering the risk of internal data theft. Under the tokenization model, only authorized employees have access to encrypted data such as customer information, and even fewer have access to the clear text, decrypted data.
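The model described in this section, a format-preserving token that is consistent for every instance of a value, cipher text held only in a central vault, and detokenization gated by the caller's credentials, as an added Python example that is not code from the original article. The vault class, the role name, the HMAC-based lookup index and the hash-based stand-in cipher are assumptions made for the example; the PAN values in the test are constructed test data.

```python
import hashlib
import hmac
import secrets

class TokenVault:
    """Central vault: token -> encrypted PAN, plus a keyed HMAC index for consistency."""

    def __init__(self, enc_key: bytes, index_key: bytes):
        self._enc_key = enc_key
        self._index_key = index_key
        self._vault = {}   # token -> ciphertext of the original PAN
        self._index = {}   # HMAC(PAN) -> token; no clear PAN is kept for lookups

    def _fingerprint(self, pan: str) -> str:
        return hmac.new(self._index_key, pan.encode(), hashlib.sha256).hexdigest()

    def _encrypt(self, plaintext: bytes) -> bytes:
        # Demo stand-in for a real cipher (use AES-GCM in production): one SHA-256
        # block as keystream under a fresh random nonce, enough for a <= 32-byte PAN.
        nonce = secrets.token_bytes(16)
        keystream = hashlib.sha256(self._enc_key + nonce).digest()
        return nonce + bytes(a ^ b for a, b in zip(plaintext, keystream))

    def _decrypt(self, blob: bytes) -> bytes:
        nonce, ciphertext = blob[:16], blob[16:]
        keystream = hashlib.sha256(self._enc_key + nonce).digest()
        return bytes(a ^ b for a, b in zip(ciphertext, keystream))

    def tokenize(self, pan: str) -> str:
        """Same length, digits only, last four retained; same PAN -> same token."""
        if not pan.isdigit() or not 13 <= len(pan) <= 19:
            raise ValueError("PAN must be 13-19 digits")
        fp = self._fingerprint(pan)
        if fp in self._index:
            return self._index[fp]
        while True:
            # Random digits are not derived from the PAN, so the token reveals nothing;
            # the retained last four keep business context (e.g. for receipts).
            token = "".join(str(secrets.randbelow(10)) for _ in range(len(pan) - 4)) + pan[-4:]
            if token not in self._vault and token != pan:
                break
        self._vault[token] = self._encrypt(pan.encode())
        self._index[fp] = token
        return token

    def detokenize(self, token: str, caller_roles: set) -> str:
        # Only callers holding the detokenize role get the clear PAN back.
        if "pan-detokenize" not in caller_roles:
            raise PermissionError("caller not authorized to detokenize")
        return self._decrypt(self._vault[token]).decode()
```

Applications and databases downstream keep only the token; the vault alone holds the cipher text and the keys, so it is the one system that needs the strongest controls.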